Re: [exim] SNI and DANE TLSA record monitoring

Page principale
Ce message fait partie du fil suivant :
M--+\Arborescence complète du fil triée par date
M-\MMFelipe Gasper à <-
M\M.MFelipe Gasper à ->
Supprimer ce message
Répondre à ce message
Auteur: Jan Ingvoldstad
Date:  
À: exim users
Sujet: Re: [exim] SNI and DANE TLSA record monitoring
On Wed, Oct 19, 2016 at 3:00 PM, Felipe Gasper <felipe@???>
wrote:

I've taken the discussion of the fine details of web configuration off-list.


> > Exim's approach is currently a bit too monolithic to be usable for mass
> > hosting of many domains with separate certificates, separate
> > configurations, and separate logfiles.
>
> Exim’s approach is BEAUTIFUL for the purpose of separate certificates per
> domain.


If separate certificates per domain is where your needs end, sure.


> I’d be fine with some facility to configure by-domain configs, logs, or
> what not in tandem with the certificate. Just as long as it’s still simple
> and easy to determine the certificate by the DOMAIN, not by served content.
>
>
Well, SMTP doesn't "serve content" per se, so I don't really get that
objection.

What I think, is that which certificate gets served, should be fully
configurable based on the information available at the time you need to
serve the certificate. That's not a lot of information. :)

--
Jan
Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-users
Informations sur la liste de diffusion | Messages voisins		<-Re: [exim] SNI and DANE TLSA record monitoringRe: [exim] SNI and DANE TLSA record monitoring->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)