On Apr 1, 2015, at 9:38 AM, Paul Wouters <[email protected]> wrote: > On Wed, 1 Apr 2015, Olafur Gudmundsson wrote: > >> <chair-hat off> >> I have been thinking about the issues in finding right email address format >> for a user. >> IMHO we need to take a step back and think about responsibilities, and >> expectations as well as goals. >> >> The goal is to create a simple way to find <email key> for a known >> correspondent. >> Can we assume that the email encryptor knows the address of recipients in a >> format emitted by the recipients email system, and is that good enough? > > I believe so.
I don't but then the credentials aren't found. That is an answer - the client/end user will need to account for that. > >> Can we expect a User mail agent to look up many different form of an email >> address just to find an <email key> ? > > Whatever we say in the document, some User mail agents will probably > perform multiple lookups, especially for the [email protected] case. > >> Can we expect a Email provider to publish users email key for number of >> variants of the users email address? > > That is very unlikely. See the VRFY command in SMTP. Some enterprises might if they feel it is important enough, but probably only the "big ones" like FLast and flast, etc. > > >> <char-hat on> >> I think we can publish OPENPGPKEY draft as is tagging it as Opportunistic >> key lookup, if it has to be labeled EXPERIMENTAL that is fine. > > I would prefer it not be labeled EXPERIMENTAL. This draft isn't rocket > science. +1, Just having it opportunistic is enough. > >> > > As for Stephen's comment regarding sha224. I honestly don't care that > much, but lean towards not manually cutting down hash lengths and let > cryptographers make those calls. Hence the use of sha224. > I understand Stephen's reasoning and if it makes deployment easier for folks who need to pass audits, then let's do that. Scott > Paul > > _______________________________________________ > dane mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dane =================================== Scott Rose NIST [email protected] +1 301-975-8439 Google Voice: +1 571-249-3671 http://www.dnsops.gov/ https://www.had-pilot.com/ =================================== _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
