Re: [exim-dev] [hs@schlittermann.de: Re: DANE]

Author: Viktor Dukhovni
Date:  
To: exim-dev
Subject: Re: [exim-dev] [hs@schlittermann.de: Re: DANE]
On Thu, May 08, 2014 at 04:43:41PM +0200, Heiko Schlittermann wrote:

> since there is currently a lot of work done with respect to tls
> information, I'd like to bring the following into discussion again.
>
> What do you think about it?
>
> (Viktor's opinion was that we shouldn't leave the decision about
> aborting/continuing of the TLS session to the user, but I think
> providing this option is more in the spirit of exim.)


To be clear, I have no problem with giving users a configuration
option to either enforce or not enforce authentication. should not
be left to the user. Rather, I think it would be a mistake and a
disservice to force the user to implement a state-machine that
optionally performs authentication.

Exim should internally provide the state-machine; users should be
free to either enable it or not. Users may decide what to do when
DANE authentication fails, but not whether it failed.

Exim SHOULD provide:

    * User interface to require/enable/disable DANE TLS
    * User interface to abort/warn on DANE TLS authentication
      failure.


Exim SHOULD NOT require:

    * Complex ${if ...} state-machines to perform hostname
      matching, taking into account the certificate usage,
      dealing with multiple subjectAltName DNS values, and
      multiple reference identifiers in DANE, which depend
      on the DNS data for the target domain!


-- 
    Viktor.
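
Added example, not part of the original message and not Exim code: a sketch in C of the name-check decision the message says should live inside the MTA rather than in `${if ...}` expansions. It assumes the DANE SMTP rule (RFC 7672) that usage 3 (DANE-EE) skips name checks while usage 2 (DANE-TA) needs a subjectAltName DNS value to match one of the reference identifiers; all function names and sample hostnames are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* TLSA certificate usages relevant to SMTP */
enum { DANE_TA = 2, DANE_EE = 3 };

/* Constructed sample: SAN DNS values from a peer certificate, and the
   reference identifiers derived from DNS data for the target domain. */
static const char *const sample_sans[] = { "mx1.example.net", "*.example.org" };
static const char *const sample_refs[] = { "mail.example.org", "example.com" };

/* Match one presented DNS-ID against one reference identifier.
   A "*." prefix stands for exactly one leftmost label. */
static bool dns_id_matches(const char *presented, const char *ref)
{
    if (strncmp(presented, "*.", 2) == 0) {
        const char *dot = strchr(ref, '.');
        return dot != NULL && dot != ref && strcasecmp(presented + 1, dot) == 0;
    }
    return strcasecmp(presented, ref) == 0;
}

/* usage: certificate usage of the TLSA record that matched the chain.
   Returns whether the name-check part of DANE authentication passes. */
bool dane_name_check_ok(int usage, const char *const *sans, size_t nsans,
                        const char *const *refs, size_t nrefs)
{
    if (usage == DANE_EE)
        return true;    /* TLSA pins the leaf itself: names are not checked */
    if (usage != DANE_TA)
        return false;   /* usages not handled in this sketch: fail closed */
    for (size_t i = 0; i < nsans; i++)      /* any SAN ...            */
        for (size_t j = 0; j < nrefs; j++)  /* ... against any ref id */
            if (dns_id_matches(sans[i], refs[j]))
                return true;
    return false;
}

int main(void)
{
    printf("DANE-TA name check: %d\n",
           dane_name_check_ok(DANE_TA, sample_sans, 2, sample_refs, 2));
    return 0;
}
```

The result only says whether authentication succeeded; whether a failure aborts or merely warns remains the separate policy setting the message describes.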