Re: [ietf-smtp] DNSSEC, was New Version Notification for draft-fenton-sm

ietf-smtp

Re: [ietf-smtp] DNSSEC, was New Version Notification for draft-fenton-smtp-require-tls-00.txt

2016-01-11 20:01:29

Last time I checked, setting up DNSSEC is still a bit painful. Few  
registrars, TMK, support DNSSEC directly. Maybe this has changed.


https://www.icann.org/resources/pages/deployment-2012-02-25-en

It's changed somewhat.  Some large registrars like Godaddy, Gandi, and
Tucows support it, some like NetSol don't.  I have about 300 zones on
my DNS server, all signed locally, but I've only been able to upload
the DS records for half of them.

For DANE, application software that supports TLSA and DNSSEC based TLS
verification is still pretty thin.  Versions of opsnssl with DANE
support only became available within the past month.

Having said all that, it's still far from clear to me that something
other than DANE would work any better, particularly considering how
cruddy the CA world is turning out to be.


_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-smtp] Fwd: New Version Notification for draft-fenton-smtp-require-tls-00.txt, (continued) Re: [ietf-smtp] Fwd: New Version Notification for draft-fenton-smtp-require-tls-00.txt, Jim Fenton Re: [ietf-smtp] Fwd: New Version Notification for draft-fenton-smtp-require-tls-00.txt, John C Klensin Re: [ietf-smtp] Fwd: New Version Notification for draft-fenton-smtp-require-tls-00.txt, Jim Fenton Re: [ietf-smtp] Fwd: New Version Notification for draft-fenton-smtp-require-tls-00.txt, Rolf E. Sonneveld Re: [ietf-smtp] Fwd: New Version Notification for draft-fenton-smtp-require-tls-00.txt, John C Klensin Re: [ietf-smtp] Fwd: New Version Notification for draft-fenton-smtp-require-tls-00.txt, Robert A. Rosenberg Re: [ietf-smtp] Fwd: New Version Notification for draft-fenton-smtp-require-tls-00.txt, John C Klensin Re: [ietf-smtp] Fwd: New Version Notification for draft-fenton-smtp-require-tls-00.txt, Alessandro Vesely Re: [ietf-smtp] Fwd: New Version Notification for draft-fenton-smtp-require-tls-00.txt, Jim Fenton Re: [ietf-smtp] New Version Notification for draft-fenton-smtp-require-tls-00.txt, Sam Varshavchik Re: [ietf-smtp] DNSSEC, was New Version Notification for draft-fenton-smtp-require-tls-00.txt, John Levine <= Re: [ietf-smtp] DNSSEC, was New Version Notification for draft-fenton-smtp-require-tls-00.txt, Rolf E. Sonneveld Re: [ietf-smtp] Fwd: New Version Notification for draft-fenton-smtp-require-tls-00.txt, Tony Finch Re: [ietf-smtp] Fwd: New Version Notification for draft-fenton-smtp-require-tls-00.txt, Jim Fenton Re: [ietf-smtp] fall back to clear text if TLS fails (was: draft-fenton-smtp-require-tls-00.txt), Claus Assmann Re: [ietf-smtp] fall back to clear text if TLS fails, Jim Fenton Re: [ietf-smtp] fall back to clear text if TLS fails, Rolf E. Sonneveld Re: [ietf-smtp] fall back to clear text if TLS fails, Jim Fenton

Previous by Date:	Re: [ietf-smtp] New Version Notification for draft-fenton-smtp-require-tls-00.txt, Sam Varshavchik
Next by Date:	Re: [ietf-smtp] DNSSEC, was New Version Notification for draft-fenton-smtp-require-tls-00.txt, Rolf E. Sonneveld
Previous by Thread:	Re: [ietf-smtp] New Version Notification for draft-fenton-smtp-require-tls-00.txt, Sam Varshavchik
Next by Thread:	Re: [ietf-smtp] DNSSEC, was New Version Notification for draft-fenton-smtp-require-tls-00.txt, Rolf E. Sonneveld
Indexes:	[Date] [Thread] [Top] [All Lists]