On Sat, Dec 13, 2014 at 04:47:37AM -0000, John Levine wrote:
> >I was thinking of multiplexing by port, rather than URI. So that
> >the service in question really could be a light-weight HTTPS server
> >add-on to an MTA, rather than an HTTP application in a general
> >purpose HTTPS server.
>
> Before we go too far down this road, we might check with some people
> who run large mail systems and ask how likely they are to spin up an
> all new address verification server. It doesn't seem very likely to
> me.
>
> The DNS has its faults, but it has the great advantage of already existing.
And of course ask them also how likely they are to publish per-user
keys in DNS, other than perhaps a wildcard trust-anchor.
In other words, were they to provide access to a key lookup service,
what are the relevant design constraints.
Perhaps Ian Fette can comment from a Gmail perspective.
Also do they see key lookup for encryption on first contact as a
requirement? Or is signature-only first contact with encryption
keys provided optionally on reply, their preferred model for
encryption key distribution.
--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
