At long last, I have got what I hope is a plausible spec for using DANE with IMAP, POP3, and message submission. I think my main struggle was working out what I did not need to put in the document. The compatibility bits are particularly tricky. The structure owes a fair amount to Matt Miller and PSA's XMPP draft, and to RFC 6186.
I have also made a minor revision to my other draft which is now draft-fanf-dane-smt-04. This is mainly to flag up points for discussion in Vancouver. All questions / comments / suggestions welcome! Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Trafalgar: Variable mainly northwesterly 3 or 4, but easterly 5 to 7 at first in far southeast. Rough at first in far southeast, otherwise slight or moderate. Showers, fog patches. Moderate or good, occasionally very poor. ---------- Forwarded message ---------- Date: Wed, 27 Jun 2012 11:58:10 -0700 From: [email protected] To: [email protected] Subject: New Version Notification for draft-fanf-dane-mua-00.txt A new version of I-D, draft-fanf-dane-mua-00.txt has been successfully submitted by Tony Finch and posted to the IETF repository. Filename: draft-fanf-dane-mua Revision: 00 Title: DNSSEC and TLSA records for IMAP, POP3, and message submission Creation date: 2012-06-27 WG ID: Individual Submission Number of pages: 8 URL: http://www.ietf.org/internet-drafts/draft-fanf-dane-mua-00.txt Status: http://datatracker.ietf.org/doc/draft-fanf-dane-mua Htmlized: http://tools.ietf.org/html/draft-fanf-dane-mua-00 Abstract: This specification describes the effect that DNSSEC has on SRV-based autoconfiguration and TLS certificate verification in the mail user agent protocols IMAP, POP3, and message submission. It also describes how to use TLSA DNS records to provide stronger authentication of server TLS certificates. The IETF Secretariat _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
