On Mon, 24 Mar 2014, Paul Wouters wrote:
> On Sun, 23 Mar 2014, Viktor Dukhovni wrote:
>
> >when the TLSA records are entirely unusable, and in keeping with Tony's
> >original work on the SRV draft, the client reverts to legacy
> >mandatory (practically always unauthenticated) TLS.
>
> That's unfortunate. Perhaps it depends on the definition of "unusable",
> but if all TLSA records for instance fail the RRSIG validation, I would
> hope that postfix would abort delivery attempts and definitely _not_
> fallback to unauthenticated TLS.
Section 2.1 of draft-ietf-dane-smtp-with-dane-07:
} When a DNS lookup failure (error or "bogus" or "indeterminate" as
} defined above) prevents an SMTP client from determining which SMTP
} server or servers it should connect to, message delivery MUST be
} delayed.
Unusable thus would mean we don't know or like the digest type, or
usage, selector, or matching type.
The 07 dane smtp draft further says:
} A Secure non-empty TLSA RRset where all the records are unusable: A
} connection to the MTA MUST be made via TLS, but authentication is
} not required. Failure to establish an encrypted TLS connection
} MUST result in falling back to the next SMTP server or delayed
} delivery.
Cheers,
--
                           |  .''`.  ** Debian **
      Peter Palfrader      | : :' :      The  universal
 http://www.palfrader.org/ | `. `'      Operating System
                           |   `-    http://www.debian.org/
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
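The distinction drawn in the message (a DNSSEC lookup failure forces delayed delivery, while a Secure TLSA RRset whose records are all "unusable" forces TLS but not authentication) is easy to get wrong in an MTA. The following is an added example, not code from the thread, from Postfix or from the draft: a small Python classifier that applies the two quoted rules from draft-ietf-dane-smtp-with-dane-07 section 2.1. The sets of supported usage, selector and matching-type values, the digest lengths, and the outcome labels are assumptions for the example; the sample records and DNSSEC statuses are constructed inline.

```python
"""Classify TLSA records as usable/unusable and derive the SMTP client's
delivery decision, following the two rules quoted from
draft-ietf-dane-smtp-with-dane-07 section 2.1 (added example, not the
draft's or any MTA's code)."""
from dataclasses import dataclass
from typing import List

# Assumption: this client implements the RFC 6698 parameters below.
# PKIX-TA(0) and PKIX-EE(1) are treated as unusable for SMTP, leaving
# DANE-TA(2) and DANE-EE(3).
KNOWN_USAGES = {2, 3}
KNOWN_SELECTORS = {0, 1}            # Cert(0), SPKI(1)
DIGEST_LENGTHS = {1: 32, 2: 64}     # SHA2-256, SHA2-512 digest sizes in bytes
KNOWN_MATCHING_TYPES = {0} | set(DIGEST_LENGTHS)   # Full(0) plus digests


@dataclass(frozen=True)
class TLSARecord:
    usage: int
    selector: int
    matching_type: int
    data: bytes


def is_usable(rr: TLSARecord) -> bool:
    """A record is usable only if every parameter is one we understand
    and the association data is well-formed for the matching type."""
    if rr.usage not in KNOWN_USAGES:
        return False
    if rr.selector not in KNOWN_SELECTORS:
        return False
    if rr.matching_type not in KNOWN_MATCHING_TYPES:
        return False
    if rr.matching_type == 0:
        # Full certificate or SPKI: must at least carry some bytes.
        return len(rr.data) > 0
    # Digest: length must match the hash algorithm exactly.
    return len(rr.data) == DIGEST_LENGTHS[rr.matching_type]


def delivery_policy(dnssec_status: str, records: List[TLSARecord]) -> str:
    """Map the DNSSEC validation status of the TLSA lookup plus the RRset
    contents to one of four constructed outcome labels."""
    # Rule 1: a lookup failure (error, bogus or indeterminate) MUST delay.
    if dnssec_status in ("error", "bogus", "indeterminate"):
        return "delay"
    # No Secure TLSA data at all: legacy, unauthenticated opportunistic TLS.
    if dnssec_status != "secure" or not records:
        return "opportunistic-tls"
    usable = [rr for rr in records if is_usable(rr)]
    # Rule 2: Secure non-empty RRset, all unusable -> TLS is mandatory,
    # authentication is not; failing to get TLS falls back or delays.
    if not usable:
        return "mandatory-unauthenticated-tls"
    return "dane-authenticated-tls"


def usable_records(records: List[TLSARecord]) -> List[TLSARecord]:
    """Return the subset of records the client may authenticate against."""
    return [rr for rr in records if is_usable(rr)]


if __name__ == "__main__":
    # Constructed sample data: a valid DANE-EE SPKI SHA-256 record, one with
    # an unknown matching type, and one with a truncated digest.
    good = TLSARecord(3, 1, 1, bytes.fromhex("ab" * 32))
    odd_type = TLSARecord(3, 1, 9, bytes.fromhex("ab" * 32))
    short = TLSARecord(3, 1, 1, bytes.fromhex("ab" * 31))
    print("bogus lookup          ->", delivery_policy("bogus", [good]))
    print("secure, all unusable  ->", delivery_policy("secure", [odd_type, short]))
    print("secure, one usable    ->", delivery_policy("secure", [odd_type, good]))
    print("secure, empty RRset   ->", delivery_policy("secure", []))
```

Note that a bogus RRSIG never reaches the "unusable" branch: validation status is checked first, so the fallback Paul worried about only applies to records that validated as Secure but carry parameters the client does not implement.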