* Viktor Dukhovni <postfix-users@postfix.org>: > On Tue, Jul 29, 2014 at 03:57:24PM +0200, Per Thorsheim wrote: > > > I don't know if this list is aware of this project? > > > > https://github.com/EFForg/starttls-everywhere > > The EFF folks behind this effort have reached out to me and we've > discussed some of the issues. I am somewhat ambivalent about this, > as it introduces a non-scalable registry that does fully address > the problem, and perhaps reduces incentives to do it right and > deploy DANE. On the other hand, DNSSEC adoption by large providers > is a non-trivial effort, and they cannot yet deploy DANE as quickly > as they may be able to sign up for the EFF registry. So I am not > sure whether this is a step forward or sideways. > > > An intermediate effort before DNSSEC and DANE (hopefully) gets seriously > > deployed around the world and various TLDs. EFF will talk about this at > > PasswordsCon next week in Las Vegas, and I'll make references to this > > and DANE TLS in my talk at the DEFCON Crypto & Privacy Village. I'm very > > happy to see that these issues are gaining a lot of attention these days. > > > > Viktor: Is the IEEE meeting done yet? Any status update for DANE TLS? > > I think you mean IETF (not IEEE). Yes IETF Toronto is done, and > the SMTP draft is basically ready and has not been changed in many > weeks. The main hold-up is that the WG chairs wanted to publish > the SMTP and SRV drafts together, but the latter is substantially > less ready. Perhaps I should ask the chairs to decouple these. > > The Toronto meeting was looking at the OPS draft which updates DANE > TLSA in general (not SMTP specific). > > The only issue in the SMTP draft that may require final review by > the DANE WG is digest agility, I'll post a message to the list > this week, now that everyone is back from Toronto, and try to > wrap it up. > > In the mean-time Patrick Koetter et. al. are doing great work in > Germany getting more organizations to deploy DANE. So far: > > posteo.de (email provider) > mailbox.org (email provider) > bund.de (German Parliament)
For the books: sys4 did not enable bund.de. But we helped to spread the news. More German ISPs coming soon... p@rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
