
Re: Any interest in rigorous definition for SSL certificate verification in SMTP?

2011-11-15 04:47:22

Carl S. Gutekunst <csg(_at_)alameth(_dot_)org> wrote:
> Tony Finch wrote:
>
> > For inter-domain SMTP, STARTTLS is hopeless because the majority of MX
> > server certificates cannot be verified, as Carl has previously described
> > on this list
>
> I think the situation has improved slightly.

Good :-)

> > There is also the problem of which identity is to be verified. There is no
> > point verifying the MX target host name unless the recipient's DNS zone is
> > signed and the sender's MTAs are doing DNSSEC validation.
>
> I think that latter element is at the heart of the DANE working group? (No, I
> hadn't heard of that WG until Dave pointed it out.)

It's orthogonal. DANE is about replacing and/or augmenting PKIX
certificate verification with DNSSEC-based certificate verification. It
does not address the question of which identity in the protocol being
layered on top of TLS is being authenticated by the certificate.

The answer for SMTP should be the same as the answer for inter-domain
XMPP. I don't know what they have settled on.

> I'm trying to stay simple at this point, and only verify the recipient MX
> server, not the recipient domains. That's already being widely done, but (as I
> noted to Dave) without any clear specification for how to do that in SMTP.

OK, provided the recipient domain has DNSSEC and the sender validates it.

> However, as I go through RFC 6125, it pretty much does seem to be covering
> everything I wanted (other than deprecating the current common practice...

Right, as I said, we need extra signalling to turn on strict verification.

f.anthony.n.finch  <dot(_at_)dotat(_dot_)at>
Irish Sea: Southeast 4 or 5, increasing 6 at times. Slight or moderate. Mainly
fair. Moderate or good, occasionally poor.
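The identity question raised in this thread, worked through as an added example that is not part of the original message: the sender only knows the MX target host name from an unauthenticated DNS answer unless the MX lookup was DNSSEC-validated, so the set of reference identifiers it may check the server certificate against depends on that validation result. The policy below (fall back to the recipient domain itself when the MX answer was not validated) is a hypothetical illustration of the thread's argument, not a specification; the dNSName matching follows RFC 6125 section 6.4.3 rules, and all names are constructed inputs (no DNS or TLS is performed).

```python
def reference_identifiers(recipient_domain, mx_host, mx_dnssec_validated):
    """Names the sending MTA may legitimately expect in the MX server's
    certificate.  Hypothetical policy: the recipient domain is always an
    acceptable reference identifier; the MX target host name is only
    added when the MX lookup was DNSSEC-validated, because otherwise an
    attacker who forges the MX record can point it at a host whose
    certificate it legitimately holds."""
    ids = [recipient_domain.lower().rstrip(".")]
    if mx_dnssec_validated:
        ids.append(mx_host.lower().rstrip("."))
    return ids


def dns_name_matches(presented, reference):
    """Compare one dNSName SAN against a reference identifier in the
    style of RFC 6125 section 6.4.3: case-insensitive, a wildcard only as
    the entire left-most label, matching exactly one label, and never
    against a name with fewer than three labels."""
    presented = presented.lower().rstrip(".")
    reference = reference.lower().rstrip(".")
    if "*" not in presented:
        return presented == reference
    p_labels = presented.split(".")
    r_labels = reference.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3:
        return False  # partial-label or overly broad wildcard: reject
    if len(p_labels) != len(r_labels):
        return False  # wildcard must not span a dot
    return p_labels[1:] == r_labels[1:]


def cert_matches(san_dns_names, reference_ids):
    """True if any presented dNSName matches any acceptable reference id."""
    return any(dns_name_matches(san, ref)
               for san in san_dns_names for ref in reference_ids)


if __name__ == "__main__":
    # Constructed scenario: the cert names only the MX host, not the domain.
    san = ["mx1.example.net"]
    for validated in (False, True):
        ids = reference_identifiers("example.com", "mx1.example.net", validated)
        print("DNSSEC-validated MX:", validated, "->", cert_matches(san, ids))
```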