On Jun 11, 2012, at 8:57 AM, Tony Finch wrote: > Janne Snabb <[email protected]> wrote: >> >> IMHO it seems pretty pointless to implement DANE for SMTP without the >> ability to verify both sides of the conversation. > > The point of server authentication for SMTP is to make sure you are > sending mail where you intend to. > > The point of client authentication is ... what?
...to make the server sure it is speaking to the client it thinks it is. > What the server cares about is the authenticity of the message data, which > has relatively little to do with where it came from and even less to do > with the client host name. That's one view; another is that the two parties both want to be sure of the others' identity. Jakob and I are dealing with client auth in our S/MIME proposal; it could be applied to client certificates as well. _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
