ietf
[Top] [All Lists]

Re: dane-openpgp 2nd LC resolution

2016-03-14 16:18:46
On Mon, Mar 14, 2016 at 01:18:33PM -0700, Doug Barton wrote:

In this scenario the PGP community has long (and I mean, for 20 years or so)
advised to ring the person and confirm their key fingerprint (and by
extension preferred e-mail address) over the phone. I don't see any reason
why the existence of a DNS mechanism would change that advice.

Because opportunistic encryption won't happen under that requirement.

While not all encryption of email will be opportunistic, it seems
to me that part of the motivation for this experiment is to enable
opportunistic encryption of email sent to people you'll never meet
in person or necessarily be able to contact by means other than
email.

The way that PGP has been used for 20 years has not resulted in
broad adoption of PGP.  This experiment may well not do much better,
(cue Phillip and mathematical mesh which could be what it takes to
make real progress, but too early to tell), but it seems to me that
it is definitely intended to facilitate encrypted first contact.

-- 
        Viktor.