> On Nov 6, 2018, at 5:49 PM, Alice Wonder <[email protected]> wrote:
>
> Yes. If I understand MTA-STS correctly, the purpose of the https component is
> to mitigate fraudulent MX records, policy mode, and time to live. Using
> DNSSEC to mitigate shouldn't be required, I respect the right for some system
> administrators to choose not to trust it, but I think it simplifies MTA-STS
> for system administrators who do trust it.
This proposal makes some sense. Don't know whether it can get broader support,
but I for one am not opposed. It even aligns with Jim Fenton's REQUIRETLS
draft, which combines DNSSEC + WebPKI authenticated MX hosts under similar
conditions, but the policy is triggered by sender request, not a signal
from the receiving domain.
>
>> If so, I don't recall this being discussed, it is of course too late
>> to add this to the already published RFC. If this idea has support,
>> it could become a separate draft. The main obstacle is that "testing"
>> in the HTTPS policy would no longer be seen. If that remains important
>> to publishers, we'd need an additional (otherwise optional)
>> "mode=testing|enforce" in the TXT record too, that would be used only
>> if the TXT record is DNSSEC-validated, but otherwise ignored.
>> Basically, this would move the substance of the policy from HTTPS
>> to DNSSEC, and caching, ... become unnecessary, because DNSSEC reliably
>> delivers fresh data.
>
> I think caching may still be a good idea in case a the records are modified
> resulting in validation error.
Here I disagree, or misunderstand your point. With a fresh DNSSEC-validated
TXT record, there seems to be little reason to cache, and you even get
downgrade protection on first contact. What you don't get is defense from
compromise of any of the all too many WebPKI CAs, and the weak DV domain
verification they perform. But if that's all that's available, it is better
than nothing.
--
Viktor.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
