On Sat, May 17, 2025 at 04:00:09PM +0200, Jaroslaw Rafa via mailop wrote:

> > client != user
> 
> For email authentication (and that's what we are talking about), we should
> treat them as the same.

Use cases vary, sometimes client certs are used to authenticate a
specific submission user, other times authorised client systems.
Regardless, while the case for CAs to not issue combo client/server
certificates is not absolutely compelling, trusting public-CA-issued
client certs is ill-advised.

-- 
    Viktor.