ietf

Re: Last Call: <draft-ietf-dane-openpgpkey-07.txt>

2016-02-16 17:08:18


--On Tuesday, February 16, 2016 22:43 +0000 John Levine
<johnl(_at_)taugh(_dot_)com> wrote:

 Sadly Keith Moore's addrquery draft seems to have stalled:

     https://tools.ietf.org/html/draft-moore-email-addrquery-01

Unfortunately, the draft is useless for end-to-end
encryption, as it relies on a clean path from the client to
the recipient's SMTP server ...

I would encourage anyone interested in this topic to read the
draft, particularly section 4.  No, it does not depend on a
clean path from the MUA to the recipient MTA.

As I read it, it requires a path from the MUA or Submission
server that can be secured with TLS at each hop.  It does not
require a single hop arrangement.  Whether the first is a "clean
path" is a matter of definition, but the proposal certainly
appears to be workable for end-to-end encryption to me.

I have suggested, off-list, to Keith that, in preparing a new
version, he should carefully consider the tradeoffs implied by
the TLS requirement versus allowing any server that can be
reached (even multihop) by SMTP to return key and address
information.  As usual, the answer will probably depend on what
problem we are trying to solve and which aspects of it are most
important.

    john