Ahh gotcha, that makes sense, so like the difference between a self signed SSL certificate and something like LetsEncrypt.
Re 2: I was thinking in the scenario to allow auto discovery of your certificate, so someone who is emailing you for the first time could look up your public key automatically and use it to encrypt their email.
Also, great writeup and thank you!
Question 1: What’s the point of using Actalis? Can’t you generate your own certificate?
Question 2: Is there a way to get your email.server to automatically publish your public key?
Why is there a dunkin donuts app?