Chris Palmer <[email protected]> wrote: > > * It's not clear that SMTP over TLS is very beneficial,
It is not beneficial at the moment because it is underspecified - there is no specification that says which identity to check against the certificate (mail domain vs. host name), and there are significant problems with either choice. In practice this has led to most SMTP server certificates being unvalidatable or containing the wrong name. See also draft-fanf-dane-smtp for a possible way to sort out this mess. > because you can't stop delivery due to pin validation failure (or really > even regular old X.509 failure). I disagree. You can (and usually have to) stop delivery for DNS failures; there is no reason why you can't do the same for authentication errors. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Northwest FitzRoy, Sole, Lundy, Fastnet: Southwesterly backing southerly 4 or 5. Moderate, occasionally rough in northwest Fitzroy and west Sole. Rain or thundery showers. Moderate or good. _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
