Dear Colleagues <chair-hat off> I have been thinking about the issues in finding right email address format for a user. IMHO we need to take a step back and think about responsibilities, and expectations as well as goals.
The goal is to create a simple way to find <email key> for a known correspondent. Can we assume that the email encryptor knows the address of recipients in a format emitted by the recipients email system, and is that good enough? Can we expect a User mail agent to look up many different form of an email address just to find an <email key> ? Can we expect a Email provider to publish users email key for number of variants of the users email address? There have been mentions of EMAIL oracle, and other methods to find “canonical address” for user. Are there simple rules we can apply to email addresses that decrease the number of combinations? For example we can apply lower case rule to the left hand side before hashing? <chair-hat off> <char-hat on> I think we can publish OPENPGPKEY draft as is tagging it as Opportunistic key lookup, if it has to be labeled EXPERIMENTAL that is fine. We push the issues of canonical email discovery and techniques to improve finding keys for random email addresses into the OPENPGPKEY-usage document as there are things that email receivers can do as well as what senders can do. Comments. Olafur _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
