> As it is, there is not even a way for a known email sender to securely introduce an unknown email sender. You know, the way that regular human people normally are able to transfer identities from one to the other.
That's exactly what PGP's web of trust model is for. Someone you know, and trust, can sign and send you a public key of someone that they trust.
This new key will be automatically trusted in your trust store because it's signed by someone you already trust, although in a lesser trust level to account for the degree of separation. If you later verify that key out of band you can upgrade it to a higher trust level.
SPF/DKIM, as well as TLS etc., is just stupid shit we do because we're too lazy and/or incompetent to make web of trust work for us. It's not a technology problem, it's a human problem.
> SPF/DKIM, as well as TLS etc., is just stupid shit we do because we're too lazy and/or incompetent to make web of trust work for us.
Having key signing parties for the entire world wide web does not seem scalable to me.
If you want to have complete trust in every key you hold then you need to validate it personally. This is exactly the same scaling factor as Signal or WhatsApp, for example.
Web of trust scales better than that, though. It gives you confidence in keys you haven't seen yet because they are signed by other keys that you do trust. The key signing parties strengthen the web of trust, making it more likely a potential correspondent will receive a key signed by someone they trust and therefore potentially not needing to verify it personally.
It all depends how much confidence you want to have for each key. At the end of the day there is no substitute for verifying each key personally if you want to be completely sure. PGP give you the option to hold keys with a lower level of confidence for e.g. less sensitive communications.
Well, yeah, we should use preexisting standards and OpenPGP would be perfectly fine here and is probably the best choice. That is a wheel we do not need to reinvent. But the actual system used to do the signatures and keep track of the reputation is the last thing we should be thinking about at this point. We should instead concentrate on how to create a system that the majority of people can use and understand. We should be concentrating on standardizing concepts...
Right, that is my point. I feel like there is a fundamental lack of understanding in the vast majority of the population about trust. We haven't helped by telling people "you can trust the little green padlock". Nobody asks "why should I trust it?". That is the problem. It really doesn't matter what technology we provide, so far none of it is really used by regular people to establish trust.
The other option, of course, is to design a trustless system, like BitCoin, but that has its own problems.