On 07/01/2019 11:34, Paul Smith wrote:
A simple TXT record saying "This domain's MTAs support STARTTLS (and,
possibly, optionally, this is the certificate fingerprint)" would seem
useful and not need anything else, and would protect against STARTTLS
downgrade for any sender willing to support it.
Starting to look like a DANE TLSA record...
--
Cheers,
Jeremy
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp