Viktor Dukhovni wrote: > On Fri, Nov 07, 2014 at 09:36:12AM +0100, Michael Str?der wrote: > >> li...@rhsoft.net wrote: >>> until now nobody was able to tell me any benefit of multiple server names >>> for >>> a mailserver instead 1 hostname, 1 certificate and 1 PTR matching the >>> A-record >>> and HELO name with 100, 200, 300, 500 MX records in different domains >>> pointing >>> there >> >> https://tools.ietf.org/html/draft-melnikov-email-tls-certs > > That draft is about MUA to MTA SMTP (email "applications": MUAs, POP, > IMAP, SMTP submission, ...).
I've referenced draft-melnikov-email-tls-certs because MUA-to-MTA was the topic of this thread. > It is not a good fit for MTA to MTA SMTP security. A variant for MTA-MTA communication also exists. > For the latter see the DANE draft. Of course you personally prefer DANE. That's understable given all the high quality work you put into the I-Ds and implementation. But everybody should have a choice in their own deployments. Your mileage may vary... Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
