On Thu, Apr 20, 2017 at 03:23:42PM +0000, Viktor Dukhovni wrote: > This was all covered in the discussion of draft-moore-email-addrquery. > (Perhaps on the UTA rather than DANE list? I don't recall) > > My take at the time was (and remains) that queries for the recipient's > public key can be tunneled through the user's MSA, thereby avoiding > the issue of inability to reach port 25 from consumer end-device > IP space. That discussion unfortunately appears to have worn-out > the draft author. > > I still think that draft is worth pursuing, if one is willing to > not set the bar too high. The reason we have so little security > is sometimes (often?) because we're unwilling to accept less than > "perfect" security. It is not unreasonable to trust the MSA to be > a trusted proxy for remote keys. After all, in that model the same > MSA/MTA operator is trusted to vend your keys to others. +1 The link to DNSSEC could be this: - the client should learn via DNSSEC that the user's MSA supports this feature, and - the user's MSA should learn via DNSSEC that the target domain (and any MTAs on the way there) supports this feature. Nico --