--On Monday, October 27, 2008 3:03 PM +0000 Tony Finch
The same problem applies to the MX mail domain -> hostname
mapping, where TLS is insecure because authenticates the
target not the source.
Absolutely. My comment about DNSSEC referred only to increasing
the odds that the MX target list specified by the administrator
of the mail domain was the same as the one that was received by
the remove SMTP server. Obviously, I hope, if that information
is bogus or the environment was compromised in some other way
--some way that could be detected by properly structured
CA-based certs-- DNSSEC would not help and would, indeed, not
add tremendous value. But first one has to find a server
before one can validate it and, for that, we are pretty
dependent on the DNS.