>> My impression is that many, perhaps most, existing MTAs can be
>> configured to do STARTTLS. But of course, at this point none of them
>> have any reporting extensions. Viktor and I can write reporting
>> extensions for our favorite MTAs, but under the most optimistic
>> scenario it'll take quite a while for those extensions to become
>> popular in all the MTAs that people use, and no extension, no in-band
>> reporting.
>
>Legacy MTAs also won't have STS support. We won't get new security
>capabilities ex nihilo.

If you want to do the client stuff, you need new code in the MTA, but for the server side part, publishing a statement saying here's the names of my MXes and what their certificates should look like, you don't. Just stick the info on a web server, publish a DNS record or two to point at it, and you're all set.

Given how long the software upgrade cycles are at a lot of places, the ability to do at least a partial implementation with existing pieces is likely to be useful.

R's,
John
