On Mon, Apr 04, 2016 at 05:24:59PM +0200, Aaron Zauner wrote:
> As for authentication/TOFU: I see no better proposal than TACK around.
I was briefly interested in TACK for SMTP before I started work on
DANE 2 years ago, but gave up after realizing that TACK cannot
protect the MX records. Without protecting the MX records you get
no active attack protection.
STS proposes to validate MX records (MX host patterns) via HTTPS,
at which point one can consider various mechanisms for authenticating
the credentials of the validated MX hosts.
Are you proposing TACK without WebPKI for the STS HTTPS URL or
WebPKI + TACK pins? Note also that secondary MX hosts are rarely
used so senders will often lack prior contact with these, but an
attacker can block access to the primary MX, at which point you
get cold-start with a secondary MX (reducing TACK to WebPKI).
--
Viktor.
_______________________________________________
Uta mailing list
https://www.ietf.org/mailman/listinfo/uta
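A small Python model of the point made in the reply above, added here as an illustration (it is not code from the thread, from TACK or from DANE): the domain, MX hosts and keys are constructed, and a simple dictionary pin stands in for a TACK-style TOFU pin. It shows that a pin only constrains a host the sender has already contacted, so both an unprotected MX record and a forced fallback to a never-seen secondary MX land the sender in the cold-start case.

```python
# Toy model of TACK-style TOFU pinning for SMTP MX hosts (constructed example).
from dataclasses import dataclass, field
# Constructed zone data: MX records of example.org and each host's real key.
MX_RECORDS = {"example.org": [(10, "mx1.example.org"), (20, "mx2.example.org")]}
HOST_KEYS = {"mx1.example.org": "key-mx1", "mx2.example.org": "key-mx2"}
honest_lookup = MX_RECORDS.__getitem__
honest_connect = HOST_KEYS.__getitem__

@dataclass
class Sender:
    pins: dict = field(default_factory=dict)  # host -> key pinned on first use

    def verify(self, host, key):
        """TOFU rule: first contact pins the key, later contacts must match it."""
        pinned = self.pins.get(host)
        if pinned is None:
            self.pins[host] = key  # cold start: nothing to compare against
            return "pinned-on-first-use"
        return "pin-match" if pinned == key else "pin-mismatch"

    def deliver(self, domain, mx_lookup, connect):
        """Walk MX hosts by priority; connect(host) returns the peer key or None."""
        for _, host in sorted(mx_lookup(domain)):
            key = connect(host)
            if key is None:
                continue  # unreachable, fall back to the next MX host
            return host, self.verify(host, key)
        return None, "no-mx-reachable"

def primed_sender():
    """A sender that has delivered once before, so mx1's key is already pinned."""
    s = Sender()
    s.deliver("example.org", honest_lookup, honest_connect)
    return s

def scenario_known_host_wrong_key():
    # A pinned host presenting a different key is the one case the pin catches.
    return primed_sender().deliver("example.org", honest_lookup, lambda h: "other-key")

def scenario_primary_blocked():
    # Primary MX unreachable: the sender falls back to mx2, which it has never
    # contacted, so whatever key it sees there is simply pinned (cold start).
    connect = lambda h: None if h == "mx1.example.org" else "other-key"
    return primed_sender().deliver("example.org", honest_lookup, connect)

def scenario_mx_rewritten():
    # An unprotected MX lookup names a host the sender never pinned: same result.
    rewritten = lambda d: [(10, "mx.other.example")]
    return primed_sender().deliver("example.org", rewritten, lambda h: "other-key")
```

Only the first scenario is detected; the other two show why protecting the MX records themselves (as DANE does) is needed before pins on the MX hosts add active-attack protection.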