On 9/23/2015 4:39 PM, Sam Hartman wrote:
> So, if you care at all about trust, then the trust you can assign
> to a key just because you got it from a key server (approximately zero)
> is very likely to be insufficient for any use ...
> We're arguing about whether the implicit signature from the domain owner
> raises the location-based trust enough above zero to be useful even if
> you don't have prior knowledge of the domain's policies etc.
>
> I think John is also arguing that he'd like to change the key servers to
> have some location-based trust.

The current draft was essentially cast as 'merely' providing an alternative venue for finding keys. That's a distinct, useful function.

However, it appears that some folk have conflated this with another, deeper function, that of imparting trust to the key, using a model that is fundamentally different from established OpenPGP practice.

It's fine to consider alternative models, especially when established practice has a long history of failing to scale well. What is not so fine is having the model be promulgated with little-to-no consideration.

My own view is that the task of finding keys should be treated entirely independently of supplementing/replacing the trust model. That means the current work should consider DNSSEC irrelevant and ensure that the retrieved DNS records have utility equivalent to what is retrieved from an existing key server.

d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net