--On Tuesday, February 16, 2016 22:43 +0000 John Levine <johnl@xxxxxxxxx> wrote:

>>>> Sadly Keith Moore's addrquery draft seems to have stalled:
>>>>
>>>> https://tools.ietf.org/html/draft-moore-email-addrquery-01
>
>> Unfortunately, the draft is useless for end-to-end
>> encryption, as it relies on a clean path from the client to
>> the recipient's SMTP server ...
>
> I would encourage anyone interested in this topic to read the
> draft, particularly section 4. No, it does not depend on a
> clean path from the MUA to the recipient MTA.

As I read it, it requires a path from the MUA or Submission server that can be secured with TLS at each hop. It does not require a single hop arrangement. Whether the first is a "clean path" is a matter of definition, but the proposal certainly appears to be workable for end-to-end encryption to me.

I have suggested, off-list, to Keith that, in preparing a new version, he should carefully consider the tradeoffs implied by the TLS requirement versus allowing any server that can be reached (even multihop) by SMTP to return key and address information. As usual, the answer will probably depend on what problem we are trying to solve and which aspects of it are most important.

    john