Re: [exim] massive increase in SSL handshake failures after …

Etusivu
Poista viesti
Vastaa
Lähettäjä: Wolfgang Breyha
Päiväys:  
Vastaanottaja: exim-users
Aihe: Re: [exim] massive increase in SSL handshake failures after root-CA update
On 21/01/14 00:35, Viktor Dukhovni wrote:
> Because asking for client certificates tickles bugs in client
> implementations, and unlike MSAs with client cert based access
> rules, MX hosts accept mail from everyone, even cleartext clients,
> so client certs are not useful (everything works the same or better
> without them).


MX hosts do not accept mail from everyone. Maybe theoretically but not in
the real world. There is this "little" topic called SPAM. And IMO a
verifiable client cert can provide useful information about a connecting host.

But in general you're right. Requesting them only makes sense if the result
is used.

Greetings, Wolfgang
--
Wolfgang Breyha <wbreyha@???> | http://www.blafasel.at/
Vienna University Computer Center | Austria