On Tue, Jun 11, 2013 at 11:50:01PM +0200, Daniel Pocock wrote:
> Something that doesn't have these limitations:
>
> http://tools.ietf.org/html/rfc2487#section-7
>
> This is also relevant (not just for Postfix):
>
> http://www.postfix.org/TLS_README.html#client_tls_encrypt
>
> "Despite the potential for eliminating passive eavesdropping attacks,
> mandatory TLS encryption is not viable as a default security level for
> mail delivery to the public Internet. Most MX hosts do not support TLS
> at all, and some of those that do have broken implementations. On a host
> that delivers mail to the Internet, you should not configure mandatory
> TLS encryption as the default security level."
So you want DANE. That's the only reasonable way for mandatory TLS encryption; too bad, server support is pretty bad currently. Other TLS schemes provide at most opportunistic encryption: all it takes for an attacker is to redirect a connection elsewhere.

With DANE, you can securely tell whether your recipient supports encryption or not, and obtain the TLS certificate. Of course, this is for values of "securely" that trust ICANN, but at least this is strictly better than the CA cartel. And if we shipped (tz style) keys of individual TLDs, even ICANN could be avoided.

--
ᛊᚨᚾᛁᛏᚣ᛫ᛁᛊ᛫ᚠᛟᚱ᛫ᚦᛖ᛫ᚹᛖᚨᚲ

Archive: http://lists.debian.org/20130612134354.ga29...@angband.pl
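The part of DANE that lets a sending MTA "obtain the TLS certificate" and decide that encryption is mandatory is the TLSA record matching of RFC 6698. The following Python example is added here to illustrate it; it is not code from the thread, from Postfix, or from any DANE implementation. It implements the record owner-name format (`_port._proto.host`), the three matching types (exact, SHA-256, SHA-512) and the two selectors (full certificate, SubjectPublicKeyInfo) against a certificate, and it exercises them on a constructed, unsigned toy certificate built inline. The DNS side (fetching the TLSA RRset and requiring DNSSEC validation, which is what makes the answer trustworthy rather than spoofable) is assumed to have happened already; the records are passed in as already-validated strings. All function names are the example's own.

```python
import hashlib
import hmac

# ---- minimal DER helpers (just enough to walk an X.509 certificate) ----

def der_len(n: int) -> bytes:
    """Encode a DER length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der(tag: int, content: bytes) -> bytes:
    """Build one DER TLV (tag, length, value)."""
    return bytes([tag]) + der_len(len(content)) + content

def der_items(data: bytes) -> list:
    """Split the body of a DER SEQUENCE into a list of (tag, content) pairs."""
    items, i = [], 0
    while i < len(data):
        tag, length = data[i], data[i + 1]
        i += 2
        if length & 0x80:  # long form: low 7 bits give the number of length bytes
            n = length & 0x7F
            length = int.from_bytes(data[i:i + n], "big")
            i += n
        items.append((tag, data[i:i + length]))
        i += length
    return items

def spki_from_cert(cert_der: bytes) -> bytes:
    """Return the DER SubjectPublicKeyInfo of a certificate (TLSA selector 1)."""
    (tag, cert_body), = der_items(cert_der)
    tbs_tag, tbs = der_items(cert_body)[0]
    if tag != 0x30 or tbs_tag != 0x30:
        raise ValueError("not a DER Certificate")
    fields = der_items(tbs)
    # tbsCertificate: [0] version (optional), serialNumber, signature, issuer,
    # validity, subject, subjectPublicKeyInfo, ...
    idx = 6 if fields[0][0] == 0xA0 else 5
    spki_tag, spki_body = fields[idx]
    if spki_tag != 0x30:
        raise ValueError("unexpected tag where SubjectPublicKeyInfo was expected")
    return der(0x30, spki_body)  # DER is canonical, so re-encoding reproduces the original bytes

# ---- RFC 6698 TLSA record handling ----

def tlsa_name(host: str, port: int = 25, proto: str = "tcp") -> str:
    """Owner name of the TLSA record for a service, e.g. _25._tcp.mx.example.org."""
    return f"_{port}._{proto}.{host.rstrip('.')}."

def parse_tlsa(rdata: str) -> tuple:
    """Parse presentation-format rdata 'usage selector mtype hex' into a tuple."""
    usage, selector, mtype, assoc = rdata.split(None, 3)
    return int(usage), int(selector), int(mtype), bytes.fromhex(assoc.replace(" ", ""))

def tlsa_matches(cert_der: bytes, record: tuple) -> bool:
    """Does one candidate certificate match one TLSA record?

    For usages 1 (PKIX-EE) and 3 (DANE-EE) the candidate is the server's leaf
    certificate; for usages 0 and 2 the caller must try each chain certificate.
    Unknown usage, selector or matching type makes the record unusable (False).
    """
    usage, selector, mtype, assoc = record
    if usage not in (0, 1, 2, 3):
        return False
    if selector == 0:
        data = cert_der
    elif selector == 1:
        data = spki_from_cert(cert_der)
    else:
        return False
    if mtype == 0:
        want = data
    elif mtype == 1:
        want = hashlib.sha256(data).digest()
    elif mtype == 2:
        want = hashlib.sha512(data).digest()
    else:
        return False
    return hmac.compare_digest(want, assoc)

def dane_verify(cert_der: bytes, records: list) -> bool:
    """True when at least one DNSSEC-validated TLSA record matches the leaf certificate."""
    return any(tlsa_matches(cert_der, parse_tlsa(r)) for r in records)

# ---- a constructed (unsigned, non-functional) certificate for demonstration ----

def toy_cert(key_bits: bytes, with_version: bool = True) -> bytes:
    """Build a structurally valid DER Certificate around made-up key bytes.

    The signature is zeros and the key is arbitrary bytes: this is constructed
    test data for exercising the matching code, not a usable certificate.
    """
    rsa_oid = der(0x06, bytes.fromhex("2a864886f70d010101"))  # 1.2.840.113549.1.1.1
    alg_id = der(0x30, rsa_oid + der(0x05, b""))
    spki = der(0x30, alg_id + der(0x03, b"\x00" + key_bits))
    fields = der(0xA0, der(0x02, b"\x02")) if with_version else b""
    fields += der(0x02, b"\x01")                                      # serialNumber
    fields += alg_id                                                  # signature
    fields += der(0x30, b"")                                          # issuer (empty Name)
    fields += der(0x30, der(0x17, b"130612000000Z") + der(0x17, b"140612000000Z"))
    fields += der(0x30, b"")                                          # subject (empty Name)
    fields += spki                                                    # subjectPublicKeyInfo
    tbs = der(0x30, fields)
    return der(0x30, tbs + alg_id + der(0x03, b"\x00" + bytes(16)))

def demo() -> dict:
    """Publish a '3 1 1' record for the toy key and check it the way an SMTP client would."""
    cert = toy_cert(b"constructed-public-key-bytes-not-a-real-key")
    good = "3 1 1 " + hashlib.sha256(spki_from_cert(cert)).hexdigest()
    stale = "3 1 1 " + hashlib.sha256(b"previous key").hexdigest()  # record for a rotated-out key
    return {
        "name": tlsa_name("mx.example.org"),
        "matches": dane_verify(cert, [stale, good]),
        "only_stale": dane_verify(cert, [stale]),
    }

if __name__ == "__main__":
    print(demo())
```

The decision the thread is about falls out of the record set, not of the match: a DNSSEC-validated answer with usable TLSA records means the client must require TLS and must see a matching certificate, an authenticated "no such records" answer means there is no DANE policy and the client falls back to whatever opportunistic level it uses otherwise, and an answer that fails DNSSEC validation must be treated as a lookup failure rather than as "no records". Postfix gained exactly this behaviour in 2.11 (released after this 2013 thread) with `smtp_tls_security_level = dane` together with `smtp_dns_support_level = dnssec`.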