> On Jul 26, 2017, at 5:42 PM, Steve Atkins wrote:
>
> It doesn't _really_ matter in the context of deciding whether a certificate
> is being presented by a legitimate domain owner or a MitM.
Well I think that’s the whole solution of DANE, ie validate through DNSSCEC
that
On Tue, Jul 25, 2017 at 9:59 AM, Kirk MacDonald
wrote:
> In addition to what is mentioned in RFC2142, can anyone offer any resources
> (or "best practices") for what can be considered "restricted" email
> addresses/UIDs for a domain which offers mailbox service
You might be going too stringent in that case..
For instance, many people create aliases related to the service they are
working with..
Also, a lot of people use 'throwaway' addresses related to the service..
I remember using 'ticketmaster@' once and surprised at how quickly 3rd party
offers
On Tue, Jul 25, 2017 at 04:59:39PM +, Kirk MacDonald wrote:
> In addition to what is mentioned in RFC2142, can anyone offer any
> resources (or "best practices") for what can be considered "restricted"
> email addresses/UIDs for a domain which offers mailbox service to the
> general public?
> On Jul 26, 2017, at 1:43 PM, valdis.kletni...@vt.edu wrote:
>
> On Wed, 26 Jul 2017 10:10:53 -0700, Brandon Long via mailop said:
>> Why can't smtp software being expected to maintain a list of trusted CAs?
>> Or at least run on an OS that is expected to do so.
>
> Quick: What two CAs did
If it becomes important, I'm sure it can be done.
I mean, you all update your av signatures at least daily, or your spam
rules.
And whether they would need to follow the browser list or whatever isn't
clear, sure.
It's early in this stuff for email, maybe DANE will be the solution that
catches
On Wed, 26 Jul 2017 10:10:53 -0700, Brandon Long via mailop said:
> Why can't smtp software being expected to maintain a list of trusted CAs?
> Or at least run on an OS that is expected to do so.
Quick: What two CAs did Google just remove from Chrome's list?
Has your OS vendor followed suit?
I think the key part is not "expect", but actually don't require it.
-lem
On 26 Jul 2017, at 10:10, Brandon Long via mailop wrote:
> Why can't smtp software being expected to maintain a list of trusted CAs?
> Or at least run on an OS that is expected to do so.
On Wed, Jul 26, 2017 at 1:23 AM, Vittorio Bertola <
vittorio.bert...@open-xchange.com> wrote:
>
> Il 25 luglio 2017 alle 22.25 Grant Taylor via mailop ha scritto:
>
>
> On 07/25/2017 09:14 AM, Vladimir Dubrovin via mailop wrote:
>
> To protect against passive Man-in-the-Middle, there is no actual
Hi,
Not sure if this is being sent by the ESP... it's coming from
136.179.236.38, which whois tells me is:
SWITCH, LTD SWITCH-LTD (NET-136-179-0-0-1) 136.179.0.0 - 136.179.255.255
Shutterfly SHUTTERFLY-236 (NET-136-179-236-0-1) 136.179.236.0 - 136.179.239.255
Thanks,
Dave
On Mon, 24 Jul
> Il 25 luglio 2017 alle 22.25 Grant Taylor via mailop ha scritto:
>
>
> On 07/25/2017 09:14 AM, Vladimir Dubrovin via mailop wrote:
>
> > > To protect against passive Man-in-the-Middle, there is no actual
> > difference between the self-signed certificate and certificate
11 matches
Mail list logo