On 01/05/16 02:26, John Levine wrote: >>> We talked about this at great length over dinner in Buenos Aires. >>> Demanding a web server at the same domain name used in e-mail >>> addresses is operationally a non-starter for large organizations. >> >> STS is primarily for the large email providers authoring the draft, >> for whom this is not a real obstacle. > > They were there at dinner Buenos Aires, and that is most definitely > not what they said. Perhaps they'll chime in when they get to work > on Monday. > > Indeed, it's pretty much the opposite -- on my tiny FreeBSD box I can > set up the web servers to do whatever I want, but at big organizations > the mail and web operators are often in different silos.
Wouldn't the same argument tend to indicate SRV or a sub-domain are as troublesome, given in many enterprises, mail and DNS can be in different silos? After all, isn't that the core of the stated argument for not doing DANE/DNSSEC? While putting up a sub-domain or an SRV might be easier than signing the DNS, putting up a .well-known also isn't hard. I suspect we're in a place here where there's no answer that's not a bit of work for someone whose job is primarily not email. And as the pain involved will vary based on loads of things even down to the specific personnel involved, I'm not sure how the WG can make a good choice there other than by trying to poll operators or maybe by measuring, if there's some other sufficiently similar webby thing often done for email services. S. > > R's, > John > > _______________________________________________ > Uta mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/uta >
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
