[Top] [All Lists]

Re: [ietf-smtp] DANE without DNSSEC (was: certificate pinning)

2014-06-16 14:36:24
Right, and my desktop at work as well as most of my personal servers are
running the last Ubuntu LTS release (precise) from Spring 2012 and don't
have it.  Some things upgrade slowly.  I don't have any knowledge one way
or the other on how much of a burden it would be for the open source MTAs
and their admins, etc.

DNS client software is largely indifferent to rrtypes.  You ask for
type N, it sends off the request hands you back the type N records.
It's the application's job to parse it up.

Probably less work than getting DNSSEC up, I guess.

Way less, since DNSSEC requires significant client library upgrades.


ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>