On Oct 7, 2019, at 12:28 PM, John Levine <johnl(_at_)taugh(_dot_)com> wrote:
Clearly you can't trust the resolver. But an answer to a DoT query to
an authoritative server seems like it would be sufficient, provided
there's assurance that the server really is authoritative.
There's no such thing as a DoT query to an authoritative server (or
DoH for that matter.) At this point you can only set up DoT by
private arrangement with your resolver.
There's been some discussion about how an authoritative server
might signal that it accepts DoT but it hasn't gotten very far.
Well, maybe this use case will provide an incentive for someone to do the
ietf-smtp mailing list