Feature request: Support OpenPGPkey look-ups
Hi,
sharing public PGP keys is the big show stopper in email end-to-end encryption.
IETF RFC 7929 - DNS-Based Authentication of Named Entities (DANE) Bindings for OpenPGP has been released a few days ago. This experimental RFC standardizes how to securely publish and lookup public GPG-keys for email end-to-end encryption.
Most vendors of email-software lack experience with DNSSEC. The dnssec-validator has the necessary code to validate DNSSEC-protected information.
So I suggest to implement OpenPGPkey look-ups for email-addresses in dnssec-validator. This can be done either as a search-engine addon or a button which opens a local site.
The german email providers Core Networks, mail.de and Posteo already publish OpenPGPkey-records. If you want to test your implementation you can look up the email-addresses info@core-networks.de, support@mail.de and support@posteo.de . The result can be compared at OPENPGPKEY.info