On Oct 26, 2019, at 3:33 PM, Дилян Палаузов
Why is it common for HTTPS providers to offer both RSA and EC certificates,
but not common for IMAP or SMTP providers to offer EC certificates? I mean,
if EC offers fewer calculations without sacrificing security, why does nobody
make use of this?
MTAs are difficult enough to operate without the extra complexity of
managing certs for multiple algorithms. For mostly opportunistic TLS,
there's not much incentive to jump through complex TLS hoops.
DANE (~3 years earlier) specifies at least TLS 1.0 and SHOULD TLS 1.2:
The Postfix TLS implementation does not allow enable ciphers
when TLS is mandatory, and these are rapidly disappearing
entirely from TLS stacks.
I do not get the last paragraph.
I fumbled the original response, sorry about that. You asked:
What happens to MTAs that are smart enough to understand MTA-STS or DANE,
but offer only weak ciphers?
I meant to say that Postfix disables weak ciphers when TLS is mandatory
(e.g. when DANE or MTA-STS is used). So anyone configuring DANE or MTA-STS
needs to implement the MTI TLS 1.2 ciphers and generally most of the reasonably
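A Postfix main.cf fragment, added here as an illustration and not taken from the thread or from the Postfix documentation, showing the distinction the reply draws: on the sending side, `smtp_tls_security_level = dane` makes TLS mandatory for peers that publish TLSA records, so the `smtp_tls_mandatory_*` settings apply instead of the opportunistic ones; on the receiving side Postfix can serve an EC certificate alongside the RSA one. The protocol and cipher grades shown are choices, not Postfix defaults, and the file paths are placeholders.

```ini
# --- sending side (smtp client) ---
# DANE needs a DNSSEC-validating resolver for the TLSA lookups
smtp_dns_support_level = dnssec
# "dane": mandatory, TLSA-authenticated TLS when the peer publishes TLSA
# records; plain opportunistic TLS otherwise
smtp_tls_security_level = dane
# opportunistic sessions: stay broadly compatible, the alternative is cleartext
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_ciphers = medium
# mandatory sessions (dane/secure/encrypt): do not offer the weak options
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtp_tls_mandatory_ciphers = high

# --- receiving side (smtpd server) ---
smtpd_tls_security_level = may
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_ciphers = medium
# RSA certificate and key (placeholder paths)
smtpd_tls_cert_file = /etc/postfix/tls/rsa-cert.pem
smtpd_tls_key_file  = /etc/postfix/tls/rsa-key.pem
# EC certificate and key served next to the RSA pair; which one is used
# depends on the cipher suites the connecting client offers
smtpd_tls_eccert_file = /etc/postfix/tls/ec-cert.pem
smtpd_tls_eckey_file  = /etc/postfix/tls/ec-key.pem
```

If TLSA records are published for the EC certificate as well as the RSA one, both must be kept in sync with the DNS data, which is the extra operational burden the earlier reply refers to.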
ietf-smtp mailing list