Hello All, This related to the below part of the latest uta-mta-sts-13 draft
>The primary motivation of MTA-STS is to provide a mechanism for domains to ensure transport >security even when deploying DNSSEC is undesirable or impractical. However, MTA-STS is >designed not to interfere with DANE deployments when the two overlap; in particular, senders who >implement MTA-STS validation MUST NOT allow a "valid" or "testing"-only MTA-STS validation to >override a failing DANE validation. My questions are 1.If we are going to implement MTA-STS then, whether it should be compulsorily used with DANE ?If Not why ? as we have faced many problems related to CA's in past. 2.Whether MTA-STS is fully capable of securing email transmission without the help of any other technologies like DKIM,SPF,DMARC or DANE ? Thanks Regards Ranjana
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
