On Tue, 27 Aug 2013 23:39:51 -0400 Jerry Leichter <leich...@lrw.com> wrote:
> It's not as if this isn't a design we have that we know works:
> DNS.

As I said elsewhere: as a practical matter, almost no one using email is a DNS administrator. This therefore cannot possibly deploy in finite time for the average user. If your mailbox is in a domain name controlled by someone else, you may wait effectively forever for permission. Indeed, DNSSEC itself has waited forever as a result of that.

Furthermore, this is unacceptable because the trust model is unacceptable. If you are a user of gmail, for example, it implies that Google is in the trust loop for telling the world security critical information, like, for example, your key. Sovereign threats can order Google to insert different keys at will.

As I've said elsewhere: the DNS is a very architecturally tempting idea for all of this. I fully understand why people would want to do it that way. It is not, however, practical if one wants to deploy in months and not decades, and it makes trust entirely hierarchical.

Perry
-- 
Perry E. Metzger pe...@piermont.com
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
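The two objections in the message above, that a mailbox owner cannot publish without the zone operator and that every operator up the hierarchy is in the trust loop, can be made concrete with a toy model of a DNSSEC-style chain of trust. The following is an added example written for this thread, not code from the list or from any DNS implementation. Every name, secret and key value in it is constructed; signatures are simulated with HMAC so it runs on the Python standard library alone, with `KEY_DIRECTORY` standing in for fetching a zone's public DNSKEY. Real DNSSEC uses public-key signatures, but the shape of the chain, and therefore who can validly answer for `alice.example.com.`, is the same.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

# Toy "public key" lookup: key id -> signing secret.  In the real protocol the
# resolver would fetch a DNSKEY and verify a public-key signature instead.
KEY_DIRECTORY: dict = {}


def key_id_of(secret: bytes) -> str:
    return hashlib.sha256(secret).hexdigest()[:16]


def make_sig(secret: bytes, owner: str, rtype: str, rdata: str) -> str:
    return hmac.new(secret, f"{owner}|{rtype}|{rdata}".encode(), "sha256").hexdigest()


@dataclass
class Zone:
    name: str
    secret: bytes                                # held only by the zone operator
    records: dict = field(default_factory=dict)  # (owner, type) -> (rdata, signature)

    def __post_init__(self):
        KEY_DIRECTORY[key_id_of(self.secret)] = self.secret

    @property
    def key_id(self) -> str:
        return key_id_of(self.secret)

    def publish(self, owner: str, rtype: str, rdata: str) -> None:
        # Only the holder of the zone secret can add a validly signed record, so a
        # user of the domain cannot publish her own key without the operator.
        self.records[(owner, rtype)] = (rdata, make_sig(self.secret, owner, rtype, rdata))


def verify(trusted_key_id: str, owner: str, rtype: str, rdata: str, sig: str) -> bool:
    secret = KEY_DIRECTORY.get(trusted_key_id)
    if secret is None:
        return False
    return hmac.compare_digest(make_sig(secret, owner, rtype, rdata), sig)


def resolve_user_key(zones: dict, trust_anchor_id: str, owner: str):
    """Walk root -> TLD -> domain, trusting each child key only through the
    parent's signed DS record, then validate the user's KEY record.
    Returns the key, or None if any link in the chain fails to validate."""
    labels = owner.rstrip(".").split(".")
    zone_names = ["."] + [".".join(labels[i:]) + "." for i in range(len(labels) - 1, 0, -1)]
    trusted = trust_anchor_id
    for parent, child in zip(zone_names, zone_names[1:]):
        rec = zones[parent].records.get((child, "DS"))
        if rec is None or not verify(trusted, child, "DS", *rec):
            return None
        trusted = rec[0]                         # child key id, now trusted via parent
    rec = zones[zone_names[-1]].records.get((owner, "KEY"))
    if rec is None or not verify(trusted, owner, "KEY", *rec):
        return None
    return rec[0]


def key_changed_since_pin(pinned: str, resolved) -> bool:
    # Client-side check: a validly signed answer is not the same thing as the key
    # the user verified out of band earlier.  Only this comparison notices a swap.
    return resolved != pinned


def scenario() -> dict:
    zones = {n: Zone(n, s) for n, s in [(".", b"root-ksk"),
                                        ("com.", b"com-registry"),
                                        ("example.com.", b"example-operator")]}
    zones["."].publish("com.", "DS", zones["com."].key_id)
    zones["com."].publish("example.com.", "DS", zones["example.com."].key_id)
    anchor = zones["."].key_id
    owner = "alice.example.com."                 # a mailbox name mapped into DNS
    out = {}

    # 1. Alice is not the zone administrator: nothing resolves until the operator acts.
    out["before_operator_acts"] = resolve_user_key(zones, anchor, owner)
    zones["example.com."].publish(owner, "KEY", "ALICE-KEY-1")
    out["published_by_operator"] = resolve_user_key(zones, anchor, owner)

    # 2. An outsider without the zone secret cannot slip a record in.
    zones["example.com."].records[(owner, "KEY")] = (
        "FORGED-KEY", make_sig(b"not-the-zone-secret", owner, "KEY", "FORGED-KEY"))
    out["forged_by_outsider"] = resolve_user_key(zones, anchor, owner)

    # 3. The operator itself, or anyone able to compel it, replaces the key and
    #    the whole chain still validates: the operator is in the trust loop.
    zones["example.com."].publish(owner, "KEY", "OPERATOR-SWAPPED-KEY")
    out["swapped_by_operator"] = resolve_user_key(zones, anchor, owner)

    # 4. Trust is hierarchical: the parent (com.) can re-delegate example.com. to
    #    a zone it controls and the chain validates that answer too.
    shadow = Zone("example.com.", b"parent-controlled-zone")
    shadow.publish(owner, "KEY", "PARENT-SWAPPED-KEY")
    zones["com."].publish("example.com.", "DS", shadow.key_id)
    out["swapped_by_parent"] = resolve_user_key({**zones, "example.com.": shadow}, anchor, owner)

    # 5. Only a key pinned out of band tells the swapped answers from the real one.
    out["pin_detects_swap"] = key_changed_since_pin("ALICE-KEY-1", out["swapped_by_parent"])
    return out


if __name__ == "__main__":
    for k, v in scenario().items():
        print(f"{k:24s} {v}")
```

Steps 3 and 4 both return a key that passes full chain validation, which is the "trust entirely hierarchical" point: validation only proves that someone with the zone's, or an ancestor's, signing key published the record, not that the mailbox owner did. Step 5 is the practitioner's caveat: a client that wants to notice a substitution has to compare against a key it obtained and pinned outside the hierarchy.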