On Fri, May 16, 2014 at 09:48:18PM +0200, Andreas Schulze wrote:

> I can tell only about smtp but here I don't see a real difference.
> Hosts with perfect double dns mostly also use a corresponding helo name
> while hosts without mostly lack also the matching helo name.
> (my feeling, no detailed statistics...)

Most hosts also don't have TLSA records.  No loss.  This feature
would allow some clients to be "more equal than others".  The server
might then apply special access policies with these "more equal
clients".  Because unlike SIP or XMPP, SMTP is uni-directional,
and the mail transport is store and forward, the potential value
of client authentication for SMTP is more limited than for the
other protocols, but may still be useful.

> >      _$PROTO._clientauth.$CLAIMED_NAME
>
> I like the phrase CLAIMED_NAME but I see no benefit
> on using 'smtp' as $PROTO vs. the numeric port number?

The origin domain is authorizing SMTP clients to act on its behalf,
more so than the right to reach a particular remote port.  This said,
the lookup key will be application-specific, and it is perhaps a bit
early to do a deep-dive into that now...

-- 
        Viktor.

_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
