Alice Wonder wrote:
> On 12/15/2015 07:40 AM, Michael Storz wrote:
>> Sorry for not writing it explicitly. In the case I described, you use
>> the domain of the recipient address, because this is the only
>> information you can trust (and this domain must be included in the SAN).
>> Since you have more than one recipient domain in the described case, you
>> must use more than one TLS connection to use the recipient domain for
>> SNI. You cannot use the MX record because you cannot trust it (I wrote:
>> it is not secured by DNSSEC).
>
> If you can't trust the MX record then you can't trust the IP address returned
> either.

Yes. And that's why the TLS hostname check is in place. In this case it is extended to the recipient's domain being the "hostname" to check.

> If you can't trust the IP address returned then you are only secure if a
> certificate authority is used, and then you have to trust the certificate
> authority.

Yes.

> My understanding is that there is no agreement upon which certificate
> authorities can be trusted.

Yes. It's your choice. With DNSSEC I don't have a choice at all. It's a single root key controlled by the entity which was the cause for RFC 7258 (besides the horrible key management practice out in the wild). And frankly I don't trust anybody who is endorsing DNSSEC as the sole solution for all trust problems. We should do better.

Ciao,
Michael.
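The scheme Michael describes (one TLS connection per recipient domain, the recipient domain used as the SNI name and matched against the certificate's SAN, the MX hostname never trusted), as an added example that is not part of the thread or of any MTA's code. The recipient addresses and the SAN lists "seen" on each connection are constructed sample data; `plan_deliveries` and the other function names are this example's own.

```python
"""Added example: recipient-domain TLS checking as discussed in the thread."""
import ssl
from collections import defaultdict

def group_by_recipient_domain(recipients):
    """Group addresses by domain; each group gets its own TLS connection."""
    groups = defaultdict(list)
    for addr in recipients:
        local, sep, domain = addr.rpartition("@")
        if not (local and sep and domain):
            raise ValueError(f"malformed address: {addr!r}")
        groups[domain.lower().rstrip(".")].append(addr)
    return dict(groups)

def san_covers(san_dns_names, domain):
    """True if a SAN dNSName matches `domain`: exact match, or a single
    left-most wildcard label (RFC 6125 style). CN is deliberately ignored."""
    domain = domain.lower().rstrip(".")
    labels = domain.split(".")
    for name in san_dns_names:
        name = name.lower().rstrip(".")
        if name == domain:
            return True
        if name.startswith("*.") and "*" not in name[2:] and len(labels) > 2:
            if name[2:] == ".".join(labels[1:]):
                return True
    return False

def client_context():
    """Context an MTA would use: CA validation plus hostname check. The caller
    passes server_hostname=<recipient domain> to wrap_socket(), so both the SNI
    extension and the SAN check use the recipient domain, not the MX name."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx

def plan_deliveries(recipients, san_seen):
    """Offline stand-in for the per-connection check: for each recipient
    domain, accept only if the SAN list presented on that domain's connection
    covers the recipient domain. Returns {domain: (accepted, addresses)}."""
    return {d: (san_covers(san_seen.get(d, []), d), addrs)
            for d, addrs in group_by_recipient_domain(recipients).items()}

# Constructed sample: three recipients, one of them behind a shared MX whose
# certificate only names the MX host, which the scheme rejects.
RECIPIENTS = ["alice@example.org", "bob@mail.example.org", "carol@example.net"]
SAN_SEEN = {"example.org": ["mx1.example.org", "example.org"],
            "mail.example.org": ["*.example.org"],
            "example.net": ["mx.example.org"]}  # MX name only: not accepted
```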