On Mon, Mar 18, 2013 at 02:26:05AM +0000, Viktor Dukhovni wrote:
> My implementation of DANE TLSA support for Postfix is code complete
> and passes basic tests. I'd like to test more of the feature-set,
> but at <http://www.internetsociety.org/deploy360/resources/dane-test-sites/>
> I found listed exactly four MX hosts with DANE TLSA records for SMTP:
FWIW with verbose logging you get:
Mar 17 23:09:41 amnesiac postfix/smtp[43739]:
liberty.jhcloos.com[208.68.39.189]:25:
end entity public-key matched=1
sha256
digest=9D:72:F4:AE:A8:83:BA:43:38:BB:C5:7C:83:97:4C:FA:62:6A:10:DC:20:E0:F8:64:BF:80:85:68:27:70:34:34
Mar 17 23:09:41 amnesiac postfix/smtp[43743]:
open.nlnet.nl[213.154.224.2]:25:
end entity public-key matched=1
sha256
digest=68:13:D6:34:71:97:0E:59:FD:57:3F:6B:E1:7E:0C:74:18:1E:B9:D2:14:D3:A2:60:7F:46:D6:B1:C2:B0:48:FA
Mar 17 23:09:41 amnesiac postfix/smtp[43742]:
open.nlnetlabs.nl[213.154.224.1]:25:
end entity public-key matched=1
sha256
digest=0D:1F:CB:D7:16:86:19:96:07:A1:32:74:4A:49:18:FC:20:95:65:C9:1F:A8:E9:FF:EE:A0:AA:FD:6B:93:05:F6
If anyone wants to volunteer to test the code, drop me a note, I'll
send you a pointer to the patched release (documentation in
<html/TLS_README.html#client_tls_dane>).
--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
