On Sun, Jun 14, 2015 at 11:23:20AM -0400, Paul Wouters wrote:

> >No, it assumes that the server has access to the same canonicalization
> >and aliasing data as the SMTP server that processes mail for the
> >domain.
> 
> But that's not what this is about. This is about the user typing in an
> email address FOO and that address does not exist, and now some fuzzy
> matching will happen for the client/server to map it to a valid address
> with no guarantee that the user actually meant that target mailbox.

I think this assumption is part of the miscommunication in this
thread.  I don't think that's what's being suggested.  Rather, users
may have lots of valid addresses, known to the receiving system as
being the same user and in fact too many to create a separate DNS
record for each one (as with user+<anything> address extensions).

So the question is whether it should be possible for the key server
(DNS or otherwise) to recognize address *variants* (not
fuzzy matching).  There's nothing fuzzy here, server's domain,
server's matching rules.

> Then somehow, the crypto key lookup can be enhanced by using base32
> lookups so the server can return crypto keys?

Well with base32, the original input string is recoverable as-is,
and so the server can apply no rules and use the lookup key verbatim,
or it might canonicalize the key in some manner that makes for localparts
in the domain in question.

> If you try to send an email and use the wrong email address, it will
> go to the wrong user.

That's not the use-case under discussion.  Rather the concern is about
*variant* addresses, not *wrong* addresses.

> >Because it is the server for the target
> >domain, it might the canonical object corresponding to a given
> >lookup key.
> 
> And that could be a disservice to the user! Now the secret email you
> meant to send me gets encrypted and delivered to PaulHoffman instead
> of PaulWouters?

You've got the wrong end of the stick there.  We're not fuzzy matching
"paul" to some random Paul.

We're talking about "v.dukhovni" and "vdukhovni" being equivalent
localparts for my Gmail mailbox and Google unequivocally knows this
is the case, but user agents composing email do not (or at least
should/must not).

-- 
        Viktor.
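
Added example, not part of the original message or of any DANE draft: a sketch of the base32 lookup discussed above, where the client encodes the localpart exactly as typed and the server for the domain either uses it verbatim or applies its own variant rules. The key store, the placeholder key value and the canonicalization rules (case-insensitive, dots ignored, +extension dropped) are assumptions chosen to match the "v.dukhovni"/"vdukhovni" illustration.

```python
import base64

# Constructed key store for a hypothetical domain: canonical localpart -> key.
KEYS = {"vdukhovni": "KEY-PLACEHOLDER-1"}


def encode_label(localpart: str) -> str:
    """Client side: base32-encode the localpart as typed, with no rewriting."""
    raw = base64.b32encode(localpart.encode("utf-8")).decode("ascii")
    return raw.rstrip("=").lower()


def decode_label(label: str) -> str:
    """Server side: recover the original localpart from the query label."""
    padded = label.upper() + "=" * (-len(label) % 8)
    return base64.b32decode(padded).decode("utf-8")


def canonicalize(localpart: str) -> str:
    """Assumed rules for this one domain; another domain may have none."""
    base = localpart.split("+", 1)[0]        # drop user+<anything> extension
    return base.replace(".", "").lower()     # dots and case are not significant


def lookup(label: str, apply_rules: bool = True):
    """Return the key for a query label, or None if there is no such mailbox."""
    try:
        localpart = decode_label(label)
    except (ValueError, UnicodeDecodeError):
        return None                          # malformed label, not a variant
    key = canonicalize(localpart) if apply_rules else localpart
    return KEYS.get(key)                     # exact match only, nothing fuzzy


if __name__ == "__main__":
    for typed in ("v.dukhovni", "vdukhovni+dane", "paul"):
        print(typed, "->", lookup(encode_label(typed)))
```

Because the label decodes back to the typed string, the choice between verbatim lookup and variant matching stays entirely with the server for the domain; the composing user agent applies no rules of its own.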
