> It has the advantage of not relying on the Certificate Authority system
I wouldn't say it's an advantage, while CA system has many flaws at least it's monitored somehow (for example via Certificate Transparency) while putting keys in DNS would require the app to validate records (does GnuPG do that?), not to mention the queries are not encrypted (so are visible to any hop) and could be transparently replaced by your government or TLD operator. Many DNS providers do not allow adding "exotic" records.
I wouldn't say it's an advantage, while CA system has many flaws at least it's monitored somehow (for example via Certificate Transparency) while putting keys in DNS would require the app to validate records (does GnuPG do that?), not to mention the queries are not encrypted (so are visible to any hop) and could be transparently replaced by your government or TLD operator. Many DNS providers do not allow adding "exotic" records.
For further info see e.g.: https://sockpuppet.org/blog/2016/10/27/14-dns-nerds-dont-con...
> and not requiring a full web stack (which some email clients and servers wouldn't want to open themselves up to).
Email clients and servers that do PGP usually have "full web stack" already to connect to keyservers.
Additionally while DANE or PKA lookups can be enabled in GnuPG only WKD is enabled by default ("auto-key-locate" is "local,wkd").
Nice nick by the way :)