Re: [exim-dev] DANE SRV(/MX): mixed mode; multiple certs

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Phil Pennock
Date:  
À: Tony Finch
CC: exim-dev
Sujet: Re: [exim-dev] DANE SRV(/MX): mixed mode; multiple certs
On 2013-03-28 at 12:59 +0000, Tony Finch wrote:
> Yes. I think for inter-domain SMTP the PKIX usages are worthless, since
> the existing stuff that is out there does not validate certificates, so
> the backwards compatibility concerns are very different. For protocols
> with clients that currently validate, there is perhaps some tiny value in
> continuing to support CA cert revocation (even if it is amazingly crappy).
> But probably the only value is for the CAs themselves...


You've two drafts, right? One for SMTP specifically? :)

> It probably is the right thing to treat 0/1 the same as 2/3. But that's an
> argument about RFC 6698 which belongs on the DANE list not in my spec :-)


I've given up trying to get my mail through to ietf.org lists, and
postmaster@ has proven to be a black hole. Sorry, you get direct mail
from me instead.