On 04/12/2015 14:45, [email protected] wrote:
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Using TLS in Applications Working Group of
the IETF.
Title : Updated TLS Server Identity Check Procedure for
Email Related Protocols
Author : Alexey Melnikov
Filename : draft-ietf-uta-email-tls-certs-06.txt
Pages : 10
Date : 2015-12-04
Abstract:
This document describes TLS server identity verification procedure
for SMTP Submission, IMAP, POP and ManageSieve clients. It replaces
Section 2.4 of RFC 2595, updates Section 4.1 of RFC 3207, updates
Section 11.1 of RFC 3501, updates Section 2.2.1 of RFC 5804.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-uta-email-tls-certs/
There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-uta-email-tls-certs-06
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-uta-email-tls-certs-06
This version addresses IETF LC comments other than the discussion about
hosted domains/use of RFC 6186. In particular I've added one more
example, pasted DNS-ID/CN-ID/SRV-ID definitions from RFC 6125.
I've also made inclusions of DNS-ID with the server's host name a MUST
(upgrade from SHOULD). Original text said SHOULD include DNS-ID and
CN-ID, so I clarified that DNS-ID is required and CN-ID is recommended.
If you don't think that this change is right, please let me know.
I will post another version next week to address the remaining issues.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
