
Re: Case distinctions as theoretical exercise

2016-03-14 08:47:41


--On Sunday, March 13, 2016 18:47 -0700 Doug Barton
<dougb(_at_)dougbarton(_dot_)us> wrote:

> ...
> On 03/13/2016 08:10 AM, John C Klensin wrote:
>> ...
>> I don't know why we (that "email community") and you (Paul)
>> are having so much trouble communicating, but
>
> Having read a bunch of the DANE archives today it does seem
> that there is a problem in communication, but honestly it
> doesn't seem all that one-sided. :)

I didn't claim that it was.  While, IMO, it shouldn't be an
excuse for this many communication problems, the two communities
rather clearly have different priorities about what is
important.  Until and unless we can somehow rise above protocol
details to engage about those priorities and figure out how to
figure out the tradeoffs between them, we aren't going to make
much progress.

I don't speak for the rest of the "email community" but my
highest priority is "don't break things that are implemented,
widely deployed, and at least reasonably satisfactory to many
millions of users".  Some of the arguments for doing what the
draft proposes seem to me to be rather close to "encryption
whenever possible is so important that, if fewer messages get
through or other damage occurs, that is ok".  Certainly not all
of them, of course.
 
> ...
> I'm perfectly willing to grant that some systems do this.
> Paul's hashing scheme accounts for this, and CNAMEs can be
> used to handle any aliases that are desired.

I don't see how the hashing scheme accounts for it without at
least some address canonicalization, which the I-D does not
specify.

> Further, I think that many of the critics of the draft are
> ignoring the fact that in the overwhelming number of cases the
> sending user is going to have an example of the receiving
> user's e-mail address, the most likely case being that they
> are replying to a message they already have in their MUA. Thus
> it's overwhelmingly likely that the sending user will already
> have a representation of the receiving user's local part that
> the receiving user considers to be canonical, and thus is
> likely to have placed an OPENPGPKEY RR for.

At one level, certainly yes although I'm not sure about
"overwhelmingly".  FWIW, we have had email systems that, because
few people could get the rather complex address formats right,
essentially required that one either have a message to reply to
or a correct directory entry in order to send a message.  It
didn't work out well; opinions differ as to how much of the
problem was the absence of a working universal email address
directory.

> ...
>> I do believe that, if that is the
>> protocol spec, there is a lot of surplus and confusing text in
>> the I-D that should just come out.
>
> FWIW, I agree that the draft in its current state needs some
> tightening, as it seems to have some leftover tidbits from
> previous versions. I also think that the approach suggested is
> wrong, and would like to see a parallel approach codified
> (which I will comment on further in another message).

Ack.  I look forward to that message with the understanding that
there are a number of parallel approaches floating around (I
don't believe Keith's promised proposal has been posted, btw)
and that Stephen's position seems to be that we should just push
them all out as experiments.

      john
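
Added example, not part of the original message or of the draft's text: a sketch of why case variants of a local-part map to unrelated OPENPGPKEY owner names, and what the CNAME aliasing mentioned in the thread would look like. It assumes the owner-name derivation as later published in RFC 7929 (SHA2-256 of the local-part, truncated to 28 octets, hex-encoded, under _openpgpkey); the I-D revision under discussion may have differed. The addresses, the fold_case option and all function names are constructed for illustration.

```python
import hashlib
import unicodedata

def openpgpkey_owner(local_part: str, domain: str) -> str:
    """Owner name as in RFC 7929 section 3 (assumed here): hex of the first
    28 octets of SHA2-256 over the NFC-normalized UTF-8 local-part."""
    lp = unicodedata.normalize("NFC", local_part).encode("utf-8")
    label = hashlib.sha256(lp).digest()[:28].hex()
    return f"{label}._openpgpkey.{domain.lower().rstrip('.')}."

def split_address(address: str) -> tuple[str, str]:
    # Split on the last "@" so a quoted local-part containing "@" survives.
    local, _, domain = address.rpartition("@")
    return local, domain

def alias_cnames(canonical: str, variants: list[str]) -> list[str]:
    """Zone lines aliasing each variant spelling to the canonical owner name."""
    c_local, domain = split_address(canonical)
    target = openpgpkey_owner(c_local, domain)
    lines = []
    for local in variants:
        owner = openpgpkey_owner(local, domain)
        if owner != target:  # the canonical spelling needs no alias
            lines.append(f"{owner} IN CNAME {target}")
    return lines

def lookup_hits(typed: str, published: set[str], fold_case: bool = False) -> bool:
    """Would a sender who typed this address find a record?
    fold_case is a hypothetical sender-side canonicalization, not in the spec."""
    local, domain = split_address(typed)
    if fold_case:
        local = local.lower()
    return openpgpkey_owner(local, domain) in published

# Constructed sample: the receiver published a key under one spelling only.
CANONICAL = "doug.barton@example.org"
published = {openpgpkey_owner(*split_address(CANONICAL))}

if __name__ == "__main__":
    for typed in ("doug.barton@example.org", "Doug.Barton@example.org"):
        print(typed, lookup_hits(typed, published),
              lookup_hits(typed, published, fold_case=True))
    for line in alias_cnames(CANONICAL, ["Doug.Barton", "DOUG.BARTON", "doug.barton"]):
        print(line)
```

Each spelling the receiver wants to accept needs its own CNAME, because the hash gives the sender no way to discover the canonical form from a variant.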