On 2012-05-11 at 21:56 +0100, Jeremy Harris wrote: > So, can exim running in client mode observe the stapled information?
At this time, I've only implemented the server code. I've tested it can be seen with "openssl s_client -status". For client code, it may make sense for the Submission case (same as SNI support) but I've thoughts on how to improve that somewhat, more generally, so am holding off for now until post-release. I want to see if I can get some GnuTLS overhauling done tonight, run test suites, then cut RC1. Oh, and I need to look at that "only use outbound connection if the outbound interface matches the configured one" bug. For after this release, I want to explore turning on DNSSEC if the resolver supports it, what that means for finding a verifiable identity for MX delivery, and things like trust-on-first-use support, much as is used by SSH (and has strong support in GnuTLS), to try to tackle the problems of MX host identity. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
