On Tue, Sep 03, 2013 at 08:59:24PM -0700, Ian Fette (????????) wrote:
> " The STARTTLS client then expects to see STARTTLS in the
> EHLO response if it has a TLSA RRset." - this wasn't clear from my reading
> of the RFC. Where is that specified, or well understood? If that's a safe
> assumption, that certainly simplifies things, but this was not clear from
> my (admittedly hurried) reading of the RFC.
See my earlier reply.
Downgrade-resistant opportunistic TLS is out of scope for RFC 6698,
this subject will be covered in various application-specific documents
that specify how DANE is to be used for the protocol in question.
--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
