[Top] [All Lists]

Re: [ietf-smtp] [OT] (signed TLDs)

2019-10-15 22:30:54
On 10/15/2019 9:56 PM, Keith Moore wrote:
On 10/15/19 9:36 PM, Hector Santos wrote:

The technical security aspect of encryption is no longer good enough
-- certs now have to be CA-signed now.

Certs that weren't signed by a trusted party were never worth anything
anyway, unless maybe you manually pinned them.


Yes, 100% +1 but traditionally, it is a known target, i.e. well known users using a well-known trusted site. As long as the common name matches, it is secured. No? What I am seeing for the first time ever in HTTP history, HTTP comm I/O is ok, HTTPS is degraded by the ISP if self-signed. Explain that. They can't. Too classified. :-(


ietf-smtp mailing list