On Sat, 14 Jun 2015, John Levine wrote:
There are some advantages to each approach. The main disadvantage
of not using DNS (B), is that no such service is readily available,
so new code would be required to implement it.
At the WG in Dallas, people familiar with mail ops seemed to think
that webfinger would be suitable.
And using another protocol/service such as webfinger does not need to
use the query mechanism of hashing and lowercasing, so I don't see
this as an objection to the currently drafted DNS query method which
opts to use the existing DNSSEC security without adding an additional
service that needs to be available, scalable, authenticated and
withstand email enumeration attacks.
Paul
_______________________________________________
dane mailing list
https://www.ietf.org/mailman/listinfo/dane