ietf

Re: dane-openpgp 2nd LC resolution

2016-03-12 15:10:26
On Sat, 12 Mar 2016, Doug Barton wrote:

> On 03/12/2016 01:00 AM, John C Klensin wrote:
>> The IETF should not be encouraging experiments on the public
>> Internet that could be harmful to the Internet or to existing
>> deployed applications, especially standards-track ones.  Several
>> people with significant email operational experience have made
>> the claim that this experiment could be harmful to the
>> Internet's email infrastructure, if only by encouraging a
>> violation of a fairly explicit (and very important, IMO)
>> provision of SMTP.  As far as I can tell from reviewing the
>> discussions, there has not even been effort to refute those
>> claims or explain why they are not relevant.
>
> Has anyone laid out the perceived dangers in an easily digestible format? I would be interested to see that discussion.
>
> Given that the DNS RR in question is something the end user has to explicitly request, the danger is not immediately obvious to me.

That is not clear to me either, since the _delivery_ is unchanged, and
still goes to the local-part _exactly_ as specified by the user. So the
risks here are:

1 Failure to find an existing OPENPGPKEY record, email goes out in
  plaintext just as if this draft never existed.

2 If an email server has paul@nohats.ca and Paul@nohats.ca, AND these
  are different users, then instead of JUST mailing the wrong user in
  plaintext, the wrong user is emailed encrypted to that user. This is
  functionally still better than the current deployment, since only 1
  wrong user can see the (encrypted) email instead of everyone on the
  path plus the user who can see the never-encrypted email.

However, the email community experts themselves have already stated that
finding an email server compliant to case 2 is a theoretical exercise
only.

Paul
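
An added illustration of the two cases listed in this message (not part of the original mail or of the draft's text): it derives the OPENPGPKEY owner name the way the specification, later published as RFC 7929, defines it (SHA2-256 of the local-part, truncated to 28 octets) and shows what a sender ends up doing when the lookup misses or hits another mailbox's record. The `fold_case` switch, the function names and the one-record zone are assumptions constructed for the example.

```python
import hashlib


def openpgpkey_owner(address, fold_case=False):
    """DNS owner name for an address: hex(SHA2-256(local-part)[:28]),
    then the _openpgpkey label, then the domain."""
    local, _, domain = address.rpartition("@")
    if fold_case:
        # Assumption: a client that lowercases the local-part before hashing.
        local = local.lower()
    label = hashlib.sha256(local.encode("utf-8")).digest()[:28].hex()
    # DNS names compare case-insensitively, so the domain can be folded safely.
    return f"{label}._openpgpkey.{domain.lower()}"


# Constructed zone: only the mailbox "paul" has published a key.
ZONE = {openpgpkey_owner("paul@nohats.ca"): "key published for paul"}


def send_decision(address, zone, fold_case):
    """Return (delivery address, protection). Delivery always uses the
    address exactly as typed; only the key lookup can differ."""
    key = zone.get(openpgpkey_owner(address, fold_case))
    if key is None:
        return address, "plaintext"        # case 1: no record found
    return address, f"encrypted to {key}"  # case 2 when the mailboxes differ


if __name__ == "__main__":
    for fold in (False, True):
        for addr in ("paul@nohats.ca", "Paul@nohats.ca"):
            print(fold, addr, send_decision(addr, ZONE, fold))
```
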