On 19/09/16 19:02, Viktor Dukhovni wrote:
> On Mon, Sep 19, 2016 at 10:44:52AM -0700, Jim Fenton wrote:
>>> Delivery is not prioritized over security when the sending domain's
>>> policy requires TLS for the given destination; or when the receiving
>>> domain publishes DANE or (less reliably for initial delivery) STS
>>> policy. What's opportunistic in the presence of DANE or STS is the
>>> use of the stronger requirement dynamically, destination by destination,
>>> via discovery of the destination's policy.
>> It's still opportunistic from the standpoint of a user sending a message
>> and asking whether the message will be transmitted securely.
> Actually, it is not, provided the destination domain has published
> DANE (or perhaps some day STS) policy.
Irrelevant. DANE provides a means for the target MX to request
encryption, REQUIRETLS provides a means for the sender to request
encryption. Both are valuable.
Uta mailing list