
Re: UTA: Server certificate management (Re: Last Call: <draft-ietf-uta-email-tls-certs-05.txt>)

2015-12-02 08:29:03
As I read that spec, it says mandatory to implement, not mandatory to
use (it's up to the application whether it claims to be capable of using
it or not) - but it permits servers to mandate its use. *Almost* there -
but if this draft wishes to mandate its use, it will have to say so (and
say which identifier it's going to send - AFAIK, it only gets to send one.)

Even with SNI, we still have the problem that there's no way for the
CA to tell what SRV-IDs it should sign other than using RFC 6186
lookups.  But the MUA can do the same 6186 lookup, and that scales a
lot better for the many mail systems that handle large and changing
sets of client domains.

R's,
John
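To make the SRV-ID question concrete, here is an added example (not from the email, the draft, or any IETF code) of how an MUA could derive the identifiers it expects in a mail server certificate after an RFC 6186 lookup and match them against the certificate's subjectAltName entries. The SRV answers and SAN lists are constructed inline, the lookup is a stand-in rather than real DNS, and the reference-identifier rules (SRV-ID from service plus email domain, DNS-ID from the email domain, SRV target only when the SRV answer was validated) are a simplification assumed for illustration.

```python
# Added example: deriving RFC 6125 reference identifiers for a mail service
# from an RFC 6186-style SRV lookup and matching them against a certificate.
# All DNS data and certificates below are constructed; nothing is queried.

# Constructed stand-in for an RFC 6186 answer: the mail domain example.net
# is hosted by a provider whose IMAP host is mail.hoster.example.
CONSTRUCTED_SRV = {
    "_imaps._tcp.example.net": [("mail.hoster.example", 993)],
    "_submission._tcp.example.net": [("smtp.hoster.example", 587)],
}


def srv_lookup(service, domain):
    """Stand-in for an SRV lookup (assumption: reads the constructed table)."""
    return CONSTRUCTED_SRV.get(f"_{service}._tcp.{domain}", [])


def reference_ids(service, email_domain, srv_validated=False):
    """Reference identifiers an MUA accepts for `service` at `email_domain`.

    SRV-ID: "_imaps.example.net" (service name plus the user's email domain).
    DNS-ID: "example.net" (the email domain the user actually configured).
    The SRV target host is accepted as a DNS-ID only when the SRV answer was
    validated (e.g. via DNSSEC); an unauthenticated SRV answer would let an
    on-path attacker redirect the client to a host whose certificate they hold.
    """
    ids = {("SRV-ID", f"_{service}.{email_domain}".lower()),
           ("DNS-ID", email_domain.lower())}
    if srv_validated:
        for target, _port in srv_lookup(service, email_domain):
            ids.add(("DNS-ID", target.rstrip(".").lower()))
    return ids


def certificate_matches(san_entries, ref_ids):
    """Match presented identifiers against reference identifiers.

    san_entries: list of (kind, value) taken from the certificate's SAN
    extension, e.g. ("SRV-ID", "_imaps.example.net") for an id-on-SRVName
    otherName or ("DNS-ID", "mail.hoster.example") for a dNSName.
    Returns the first matching (kind, value) pair, or None if nothing matches.
    """
    presented = {(kind, value.lower()) for kind, value in san_entries}
    hits = presented & ref_ids
    return sorted(hits)[0] if hits else None
```

With an unvalidated SRV answer, a hoster certificate carrying only the DNS-ID of its own host fails; it needs the SRV-ID for each customer domain, which is exactly the set the CA cannot know without doing the same 6186 lookups.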
