Hi,
Noting that https://tools.ietf.org/html/draft-sheffer-uta-rfc7525bis-00
section 3.2 says that TLS-on-connect SHOULD be preferred over STARTTLS
(my rephrasing) - and that T-o-c is reasonably common for MSA-MTA
but not for MTA-MTA -
should we think about technical means to facilitate the latter?
E.g.:
- a new well-known port (vs. TCP/25)
- a DNS SRV label extending RFC 6816, to advertise a port
  with the facility (NB: RFC 8314 defines a "submissions" label)
- some clever means for autodetect on a single port
- an extension to DANE (RFC 7671) to bundle the port with the
  cert-association
--
Cheers,
Jeremy
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp