I'm curious why there isn’t a defined protocol to retrieve PGP keys from a destination mailserver, or if I'm just not searching with the right parameters.
I imagine a quite simple process like other established processes (AutoDiscovery, etc.)
- Sender enters recipient's e-mail into the mail client (Thunderbird/Outlook/whatever)
- Mail client resolves the PGP discovery service of that domain via a defined SRV record
- If the intended recipient has added a pubkey to his profile, the service will answer the request accordingly (otherwise nothing really happens)
- The mail client uses the pub key and, intransparent to the sender, encrypts the message before sending
- The end
I mean a database and a very simple web service that takes an e-mail address as a parameter and eventually replies with the corresponding database entry isn’t that sophisticated.
Why hasn’t this been done? Or am I missing a crucial point (except politics)?
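The lookup flow described in the post, sketched as an added example that is not part of the original post or any existing standard. The SRV label `_pgpkey._tcp`, the `/key?email=` endpoint, the host names and the sample records are all assumptions made up for illustration; DNS and HTTP are replaced by in-memory tables so it runs offline.

```python
from urllib.parse import quote, urlsplit, parse_qs

SRV_LABEL = "_pgpkey._tcp"  # hypothetical label; the post names no record

# Constructed sample data standing in for DNS and the domain's key database.
SRV_RECORDS = {"_pgpkey._tcp.example.org": [
    (20, 0, 443, "backup-keys.example.org."),   # (priority, weight, port, target)
    (10, 5, 443, "keys.example.org."),
]}
KEY_DB = {"alice@example.org": "PGP-PUBLIC-KEY-PLACEHOLDER (constructed)"}

def split_address(address):
    """Return (local, domain) or raise ValueError for malformed input."""
    addr = address.strip()
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or not domain or any(c.isspace() for c in addr):
        raise ValueError(f"not an e-mail address: {address!r}")
    return local, domain.lower().rstrip(".")

def pick_target(records):
    """Lowest priority first; ties broken by highest weight (simplified RFC 2782)."""
    if not records:
        return None
    _, _, port, host = min(records, key=lambda r: (r[0], -r[1]))
    return host.rstrip("."), port

def lookup_url(address, resolve=SRV_RECORDS.get):
    """Client: address -> SRV query -> HTTPS URL of the domain's key service."""
    local, domain = split_address(address)
    target = pick_target(resolve(f"{SRV_LABEL}.{domain}"))
    if target is None:
        return None  # domain runs no discovery service
    host, port = target
    return f"https://{host}:{port}/key?email={quote(local + '@' + domain, safe='')}"

def service_reply(url):
    """Server: 200 plus the key if the user published one, otherwise 404."""
    email = parse_qs(urlsplit(url).query).get("email", [""])[0].lower()
    key = KEY_DB.get(email)
    return (200, key) if key else (404, None)

def discover_key(address, resolve=SRV_RECORDS.get, fetch=service_reply):
    """Client: return the recipient's key, or None to send unencrypted."""
    url = lookup_url(address, resolve)
    if url is None:
        return None
    status, key = fetch(url)
    return key if status == 200 else None
```

In this flow the returned key is vouched for only by the recipient domain's DNS and TLS, so a client using it is trusting the mail provider to hand out the right key.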