Hi, > But the choice to solve this point is "allow two lookups" or "lowercase". If people see big issues with lowercase, I could live with "allow two lookups" (one lowercase) to handle people entering addresses manually. An UI could optionally (independant of the lookup) warn if the keys User-ID differs from what he entered. A milter of course can't do that.
But as a milter's only other option is to send unencrypted, I would not see a problem there even in the theoretical case of a case collission. So I really don't see the benefits of base32 worth the privacy breach. > But you would only be obfuscating the query, not the answer. The answer > is actually even more interesting because it contains the entire key, Not really "more interesting" - someone who knows the email address can query the key himself... But of course, for successfull queries the answer would be visible. But for those at least the mail will most likeley be encrypted then :) The problem I (and I expect also Patrik) sees is all the "useless" queries. If a mail server operator wants to implement a milter, or a user wants to install a MUA plugin looking for keys, this will look up every address passing through. And we all know: for now that will in most cases NOT give a result for a forseeable future. So he will consider: is the few cases I get a key back worth the privacy leak for ALL THE OTHER addresses? And I see a big risk that this will slow or completely hinder deployment of such client side implementations, which will lead to not many people offering the recrods, which in the end will lead to suffering... I mean failure of OPENPGPKEY. And of course I totally agree that the real answer is DNS privacy, but if we wait for that to be widely deployed we can really delay our draft for another few years... So in my opinion it should be designed in a way that it at least offers the easy possible privacy by hashing, making it impossible to simply snoop all the addresses. I think it makes a big difference for the people on the client side. Greetings, Florian -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstrasse 15, 81669 Muenchen Sitz der Gesellschaft: Muenchen, Amtsgericht Muenchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
