* Patrick Ben Koetter <postfix-users@postfix.org>: > * Viktor Dukhovni <postfix-users@postfix.org>: > > On Tue, Jul 29, 2014 at 03:57:24PM +0200, Per Thorsheim wrote: > > > > > I don't know if this list is aware of this project? > > > > > > https://github.com/EFForg/starttls-everywhere > > > > The EFF folks behind this effort have reached out to me and we've > > discussed some of the issues. I am somewhat ambivalent about this, > > as it introduces a non-scalable registry that does fully address > > the problem, and perhaps reduces incentives to do it right and > > deploy DANE. On the other hand, DNSSEC adoption by large providers > > is a non-trivial effort, and they cannot yet deploy DANE as quickly > > as they may be able to sign up for the EFF registry. So I am not > > sure whether this is a step forward or sideways. > > > > > An intermediate effort before DNSSEC and DANE (hopefully) gets seriously > > > deployed around the world and various TLDs. EFF will talk about this at > > > PasswordsCon next week in Las Vegas, and I'll make references to this > > > and DANE TLS in my talk at the DEFCON Crypto & Privacy Village. I'm very > > > happy to see that these issues are gaining a lot of attention these days. > > > > > > Viktor: Is the IEEE meeting done yet? Any status update for DANE TLS? > > > > I think you mean IETF (not IEEE). Yes IETF Toronto is done, and > > the SMTP draft is basically ready and has not been changed in many > > weeks. The main hold-up is that the WG chairs wanted to publish > > the SMTP and SRV drafts together, but the latter is substantially > > less ready. Perhaps I should ask the chairs to decouple these. > > > > The Toronto meeting was looking at the OPS draft which updates DANE > > TLSA in general (not SMTP specific). > > > > The only issue in the SMTP draft that may require final review by > > the DANE WG is digest agility, I'll post a message to the list > > this week, now that everyone is back from Toronto, and try to > > wrap it up. > > > > In the mean-time Patrick Koetter et. al. are doing great work in > > Germany getting more organizations to deploy DANE. So far: > > > > posteo.de (email provider) > > mailbox.org (email provider) > > bund.de (German Parliament) > > For the books: sys4 did not enable bund.de. But we helped to spread the news. > More German ISPs coming soon...
Oh, and we didn't enable mailbox.org either. Heinlein did that. It's their product. p@rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
