Harald Tveit Alvestrand wrote:
On reviewing T. SchorPP's suggestion, I read this paragraph a few times:
The decision of whether or not to believe the authenticity of the
other party in a TLS negotiation is a local matter. However, some
general rules for the decisions are:
- A SMTP client would probably only want to authenticate an SMTP
server whose server certificate has a domain name that is the
domain name that the client thought it was connecting to.
yes, my experimental postfix server is configured for this req.
otherwise no valid peer authentication possible. self signed or not is
the next question. if you accept self signed you have to maintain a
fingerprint database or trust dns without any crypto.
Now... I have a server that is an MX host for half-a-dozen domains, and
has about 3 A records pointing to it (why is a long history).
How does my server know which certificate to present to the client, so
that the above general rule is satisfied?
by the requested peerDN. script or implement it.
(For the MX case, the answer might be "content of the MX record" rather
than "domain that contains the MX record" - doesn't help for the A case,
and is not obvious from the text)
Am I missing something obvious?