Re: [ietf-smtp] certificate pinning

On Sun, Jun 08, 2014, Jim Fenton wrote:

Before we get too far down the road with how to accomplish this, I'd
like to ask about the "beneficial" part: What behavior we would like to
occur with respect to certificate validation?


That's local policy. For example, in sendmail (and most likely
other MTAs) you can require certain restrictions on connections,
this would be just another one, e.g.,

TLS_Clt:example.com      PERM+VERIFY:112

requires successful cert verification from hosts within the
example.com domain.

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-smtp] certificate pinning, (continued) Re: [ietf-smtp] certificate pinning, Claus Assmann Re: [ietf-smtp] certificate pinning, Brandon Long Re: [ietf-smtp] certificate pinning, Evert Mouw Re: [ietf-smtp] certificate pinning, Peter Bowen Re: [ietf-smtp] certificate pinning, Evert Mouw Re: [ietf-smtp] certificate pinning, Peter Bowen Re: [ietf-smtp] certificate pinning, Brandon Long Re: [ietf-smtp] certificate pinning, Brandon Long Re: [ietf-smtp] certificate pinning, Jim Fenton Re: [ietf-smtp] certificate pinning, Brandon Long Re: [ietf-smtp] certificate pinning, Claus Assmann <=