On Wed, Apr 1, 2015 at 11:26 AM, John R Levine <[email protected]> wrote: >> I'm OK with sections 4.1 and 6 from your I-D, provided that MUAs that >> implement either MUST implement both. This leaves the choice to mail >> domains, and it addresses the scalability issues discussed. > > You'll notice that my draft says its intended status is experimental. We > really need some experience with this stuff before we try to cast it in > stone. I know of at least two projects to do SMIMEA support in an MUA, so > with any luck we can find out how it works reasonably soon.
It can be experimental if you like, but if we don't require MUA support for both of these methods we'll be stuck later. We must at least recommend it. I don't think publishing as experimental absolves us of addressing that problem now, nor does it mean that we can't have normative or quasi-normaitve language in the document. >> I would add that the URI RRs for section 6 should be signed, that >> clients must validate them with DNSSEC, that the URIs must be HTTPS >> URIs, and that the authority of each such URI SHOULD (MUST?) have TLSA >> RRs. > > Well, sure. I know it's obvious, but it has to be stated. _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
