> > Fair enough; I'm not saying that the protocol doesn't exist, it just
> > seems like it's extremely uncommon. BTW, does that require the TLS
> > client EKU in the client certificate? It seems like that's going away
> > from certificates issued by most public CAs, at least ones that want to
> > be part of the Chrome root certificate program.
>
> I don't care, I pin the certificate on the SMTP relay via fingerprint.
Actually, I think you MIGHT need to care; by default the OpenSSL library will reject a client certificate presented in a TLS exchange unless it contains the TLS client certificate EKU. You need to write a bunch of code to override that requirement and I think the vast majority of servers lack such code. This is an issue if you get your certificates from a commercial CA; if you do your own then it doesn't.

--Ken
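As an added example (not code from the thread), here is a stdlib-only Python check that pulls the extendedKeyUsage extension out of a DER-encoded certificate and reports whether it lists id-kp-clientAuth, the EKU the thread is asking about, so an operator can inspect a CA-issued certificate before relying on it for SMTP client authentication. The sample inputs are constructed certificate-shaped DER structures (not real certificates), and the accept-when-absent rule follows RFC 5280, which treats a certificate with no EKU extension as valid for any purpose.

```python
CLIENT_AUTH = "1.3.6.1.5.5.7.3.2"   # id-kp-clientAuth; the extKeyUsage extension OID is 2.5.29.37

def _tlv(buf, pos):  # read one DER tag-length-value at pos -> (tag, value, next_pos)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def _oid(value):  # OBJECT IDENTIFIER content octets -> dotted string
    parts, acc = [value[0] // 40, value[0] % 40], 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            parts, acc = parts + [acc], 0
    return ".".join(map(str, parts))

def _walk(buf):  # yield every TLV, descending only into constructed types (SEQUENCE, [n])
    pos = 0
    while pos < len(buf):
        tag, value, pos = _tlv(buf, pos)
        yield tag, value
        if tag & 0x20:
            yield from _walk(value)

def extended_key_usages(cert_der):  # set of EKU OIDs; empty set when the extension is absent
    for tag, value in _walk(cert_der):
        if tag != 0x30 or not value:
            continue
        t, v, nxt = _tlv(value, 0)              # Extension ::= SEQUENCE { extnID, critical?, extnValue }
        if t != 0x06 or _oid(v) != "2.5.29.37":
            continue
        t, v, nxt = _tlv(value, nxt)
        if t == 0x01:                           # skip the optional BOOLEAN 'critical'
            t, v, nxt = _tlv(value, nxt)
        _, seq, _ = _tlv(v, 0)                  # extnValue OCTET STRING wraps SEQUENCE OF OID
        return {_oid(o) for t2, o in _walk(seq) if t2 == 0x06}
    return set()

def usable_for_client_auth(cert_der):  # RFC 5280: no EKU = any purpose, else clientAuth required
    ekus = extended_key_usages(cert_der)
    return not ekus or CLIENT_AUTH in ekus
# Constructed sample inputs: certificate-shaped DER with one extKeyUsage extension, NOT real certs.
_enc = lambda tag, content: bytes([tag, len(content)]) + content   # short-form DER lengths only
def sample_cert(*eku_oids):
    ekus = _enc(0x30, b"".join(_enc(0x06, o) for o in eku_oids))
    ext = _enc(0x30, _enc(0x06, b"\x55\x1d\x25") + _enc(0x04, ekus))
    return _enc(0x30, _enc(0x30, _enc(0xA3, _enc(0x30, ext))))
SERVER_ONLY = sample_cert(b"\x2b\x06\x01\x05\x05\x07\x03\x01")      # serverAuth only, as a public CA may issue
SERVER_AND_CLIENT = sample_cert(b"\x2b\x06\x01\x05\x05\x07\x03\x01", b"\x2b\x06\x01\x05\x05\x07\x03\x02")
```

To check a real certificate, read its DER bytes (or base64-decode the PEM body) and pass them to `usable_for_client_auth`.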
