Cyrus Daboo wrote:
Hi Tony,
--On January 5, 2010 6:49:16 PM +0000 Tony Finch <dot(_at_)dotat(_dot_)at>
wrote:
A few comments on draft-daboo-srv-email:
Just to update everyone on the status of this draft - there are a whole
bunch of comments pending from the original review of this last year. I
have been waiting for the SRV registry spec to be updated following the
heated debates at the end of last year which came to resolution at the
meeting in Japan. Once that spec is out I will revise srv-email
document. The other major point was having srv-email say very little
itself about certificate verification, and instead refer to
<http://tools.ietf.org/html/draft-saintandre-tls-server-id-check-02>. It
would be nice if that spec could have an explicit example of
verification where SRV was used to get the server hostname.
This draft appears like a practical and simple proposal. I just added
a SRV record for our winserver.com email domain.
_pop3._tcp SRV 0 1 110 pop3.winserver.com.
A few comments:
1) Mail Pickup
I guess overall if I read the specs right, a MUA would do at least
four (4) lookups? Assuming, there is a client design preference to
checked for a secured host first, the order would be:
_pop3s._tcp.winserver.com
_imap3s._tcp.winserver.com
_pop3._tcp.winserver.com
_imap._tcp.winserver.com
And no decision can be made until all four are determined to allow for
user selection idea. IOW, four queries MUST be made. Since this would
normally be a one time thing, it doesn't present any high volume DNS
overhead issue. +1.
2) What about outgoing?
Are MX records considered the solution?
Using GMAIL as an example, I think it only allows IMAP for receiving
and SUBMIT (port 587) for sending. So wouldn't a SRV record be useful
for the case where SMTP is used for outgoing when the incoming uses IMAP?
--
Sincerely
Hector Santos
http://www.santronics.com