>Has anyone laid out the perceived dangers in an easily digestible
>format? I would be interested to see that discussion.

See the discussion on this list in the first LC. I tried to sum them up
in one message about a week before the end.

>Given that the DNS RR in question is something the end user has to
>explicitly request, ...

Uh, what? The DNS is under control of the domain owner, not the end
users. If I'm running mitmmail.com, I can publish keys for all of my
users that I can decode on the way in. If I'm that kind of MITM I might
even re-encode the mail with the users' real keys if I know what they
are, perhaps from the traditional PGP key servers.

This points out one of the problems with this draft: there's no security
model beyond the implicit DANE model that anything that's signed with
DNSSEC must be true.

R's,
John
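The mitmmail.com scenario above, as an added example that is not part of John's message or of the draft: a sender-side model of an OPENPGPKEY lookup in which a DNSSEC-valid record is compared against a key the sender already holds for the recipient (from a key server, earlier correspondence or an in-person exchange). The owner-name construction follows the published RFC 7929 (SHA2-256 of the local part, truncated to 28 octets, under `_openpgpkey.<domain>`); whether the draft under discussion used the same construction is an assumption. Fingerprint strings stand in for the OpenPGP public-key RDATA, and the zone contents and pinned keys are constructed for the example.

```python
"""Added example (not from the thread): a DNSSEC-valid OPENPGPKEY record
proves only what the zone operator published, not that the key belongs to
the user. Assumptions: RFC 7929 owner-name construction; fingerprint strings
stand in for OpenPGP key RDATA; zone and pinned keys are constructed."""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class OpenPgpKeyRecord:
    fingerprint: str     # stands in for the OpenPGP public-key RDATA
    dnssec_valid: bool   # outcome of DNSSEC validation of the answer


def openpgpkey_owner_name(local_part: str, domain: str) -> str:
    """RFC 7929 owner name: hex(SHA2-256(local-part)[:28])._openpgpkey.<domain>.
    The local part is hashed as UTF-8 with case preserved (simplified; the RFC
    has further normalisation rules that this example does not implement)."""
    label = hashlib.sha256(local_part.encode("utf-8")).digest()[:28].hex()
    return f"{label}._openpgpkey.{domain.lower()}"


def lookup(zone: dict, address: str):
    """Simulated resolver: zone maps owner names to records (constructed)."""
    local, _, domain = address.rpartition("@")
    return zone.get(openpgpkey_owner_name(local, domain))


def choose_key(zone: dict, pinned: dict, address: str):
    """Decide which key to encrypt to; returns (verdict, fingerprint-or-None).

    A DNSSEC-valid record is accepted on its own only when the sender has
    nothing to compare it with (trust on first use). When a previously
    pinned key disagrees with what the zone publishes, the sender refuses
    rather than encrypting to whatever the domain operator chose to serve.
    DNSSEC validity is necessary (an unsigned answer is rejected) but it is
    not the thing that ties the key to the person.
    """
    record = lookup(zone, address)
    pin = pinned.get(address)
    if record is None:
        return ("no-dane-record", pin)
    if not record.dnssec_valid:
        return ("reject-unsigned", None)
    if pin is None:
        return ("tofu-accept", record.fingerprint)
    if pin == record.fingerprint:
        return ("dane-matches-pin", record.fingerprint)
    return ("mismatch-refuse", None)


def demo():
    """Constructed scenario: an honest example.com, and mitmmail.com whose
    operator publishes, for every user, one key the operator controls."""
    operator_key = "OPERATOR-KEY-0000"
    zone = {
        openpgpkey_owner_name("hugh", "example.com"):
            OpenPgpKeyRecord("HUGH-KEY-1111", True),
        openpgpkey_owner_name("dave", "example.com"):
            OpenPgpKeyRecord("DAVE-KEY-3333", False),   # answer not DNSSEC-valid
        openpgpkey_owner_name("alice", "mitmmail.com"):
            OpenPgpKeyRecord(operator_key, True),
        openpgpkey_owner_name("bob", "mitmmail.com"):
            OpenPgpKeyRecord(operator_key, True),
    }
    pinned = {
        "hugh@example.com": "HUGH-KEY-1111",
        # Alice's real key, fetched earlier from a traditional PGP key server
        "alice@mitmmail.com": "ALICE-REAL-KEY-2222",
    }
    addresses = [
        "hugh@example.com", "dave@example.com",
        "alice@mitmmail.com", "bob@mitmmail.com", "carol@example.org",
    ]
    return {a: choose_key(zone, pinned, a) for a in addresses}


if __name__ == "__main__":
    for address, (verdict, fpr) in demo().items():
        print(f"{address:22s} {verdict:18s} {fpr}")
```

Bob's case is the one John describes: the zone is signed, nothing the sender holds contradicts it, so the sender happily encrypts to the operator's key. Only the out-of-band pin catches the substitution for Alice; DNSSEC by itself never would.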