On Wed, 23 Sep 2015, John Levine wrote:
I've been trying to figure out what this draft provides that the existing widely implemented PGP keyservers don't. So far, it seems to be that in some cases it's easier to delete dead keys, although that makes some significant assumptions about how the provisioning systems work. We seem to agree that the security isn't very different: if the domain's management can run the DNS securely and truthfully represents its users' interests, DANE might be better, otherwise not. Since the most plausible usage scenario is opportunistic encryption to recipients, it doesn't really matter where the keys come from.
Of course it does. I can upload a new and stronger key with keyid johnl@xxxxxxxxx to the keyservers and now you cannot read any email people send you that is automatically encrypted to a key you don't own. You can't trust the keyservers for the binding between keyid and email address. Paul