On Feb 17, 2016, at 10:24 PM, Paul Wouters <paul(_at_)nohats(_dot_)ca> wrote:
So if my ISP is blocking port 25, I am forced to ask my ISP if the
remote party could accept encrypted email and to which key?
[ That's only if your ISP is your submission server, in which case
they're also likely operating the zone that would public your
public keys, and you're likely vulnerable to a variety of attacks
via that ISP. Since faking the keys of remote parties is likely
tamper-evident, and such faking can also happen by who-ever is
publishing the zone data on the other end, I think this is a
reasonable architecture, but we digress... ]
The addrquery draft is not under discussion here, so perhaps I
should not even have said that much. Exploring additional
approaches seems reasonable.
--
Viktor.