[Top] [All Lists]

Re: [ietf-smtp] certificate pinning

2014-06-16 12:05:01
Evert Mouw <post(_at_)evert(_dot_)net> wrote:
Peter Bowen schreef op 8-6-2014 18:10:
TLSA records make sense in many contexts.  Unfortunately the current
spec for using them with SMTP (draft-ietf-dane-smtp-01 and
draft-ietf-dane-srv-05) make them unusable unless both the source and
target domains use DNSSEC.

Any chance to have influence on the authors of the draft? I will forward
your mail to Tony Finch, the first author of both drafts.

Can't do DANE without DNSSEC. Yes there's a chicken-and-egg problem, so
everyone should get laying.

f.anthony.n.finch  <dot(_at_)dotat(_dot_)at>
Sole, Lundy, Fastnet: Northeast 3 or 4, increasing 5 at times. Slight or
moderate. Fair. Moderate or good.

ietf-smtp mailing list