On Wed, Jan 07, 2015 at 02:07:25PM -0600, John Hascall wrote:

> Assume I have a domain with DNSSEC and inbound mail servers behind a
> (load-balanced) MX which support TLS.

With all of the MX hosts having the same private key and certificate:

> If I've been following along correctly, if I publish a DNS record of the
> form:
> 
>   _25._tcp.mx.example.org. IN TLSA 3 1 1 <sha2-256 digest of DER leaf public
> key in X.509 SPKI format>

Or else multiple such TLSA RRs one per real MX host behind the load-balancer,
if the number of back-end hosts is reasonably small.

> this will make some (currently smallish?) set of mail servers sending to me
> have a better assurance they are really talking to me.
> Is this correct?

Yes, and definitely smallish.  Basically folks running Postfix 2.11 with:

    smtp_dns_support_level = dnssec
    smtp_tls_security_level = dane

and a validating resolver on 127.0.0.1 as the only entry in /etc/resolv.conf

I have no count of sites that implement client-side DANE, I can
only survey the domains that publish TLSA RRs for such sites to
use.

> And does "leaf public key" refer to the public key associated with the
> cert used for STARTTLS or ...something else...?

The former:

    # Digest is SHA2-256 over the DER SubjectPublicKeyInfo pulled out of the
    # leaf cert (cert.pem); uname -n stands in for the MX host name.
    printf '_25._tcp.%s. IN TLSA 3 1 1 %s\n' \
        $(uname -n) \
        $(openssl x509 -in cert.pem -noout -pubkey |
            openssl pkey -pubin -outform DER |
            openssl dgst -sha256 -binary |
            hexdump -ve '/1 "%02x"')

-- 
        Viktor.

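As an added example, written for this page and not part of Viktor's reply or of the Postfix code, the POSIX shell script below generalizes the one-liner above. It emits a "3 1 1" record per certificate (covering the one-RR-per-back-end case when the MX hosts do not share a key), and it performs the check a DANE client makes after STARTTLS: compare the SPKI digest of the presented leaf certificate against every "3 1 1" digest in the published RRset, tolerating the upper-case, space-split hex that dig prints and ignoring RRs with other usage/selector/matching fields. It assumes openssl, od, awk and mktemp are on PATH; od replaces hexdump so it also runs where hexdump is absent. The MX names, file names and the self-signed certificates that make_certs produces are constructed for the demo; the DNSSEC lookup and the TLS handshake themselves are outside the script.

```shell
#!/bin/sh
# Added example, not code from the original post or from Postfix.
# Generate and check DANE-EE(3) SPKI(1) SHA2-256(1) TLSA records for the
# leaf certificate an MX presents after STARTTLS.
# Assumptions: openssl and POSIX od/tr/awk/mktemp are on PATH; the MX names,
# file names and the self-signed certificates made by make_certs are
# constructed for this demo. od replaces hexdump so this also runs where
# hexdump is absent.
set -eu

# Lowercase hex SHA2-256 of the DER SubjectPublicKeyInfo of the leaf
# certificate in PEM file $1: the matching data of a "3 1 1" record.
spki_sha256() {
    openssl x509 -in "$1" -noout -pubkey |
        openssl pkey -pubin -outform DER |
        openssl dgst -sha256 -binary |
        od -An -v -tx1 | tr -d ' \n'
}

# Print the TLSA RR for MX host $1 (without trailing dot) and certificate $2.
tlsa_311() {
    printf '_25._tcp.%s. IN TLSA 3 1 1 %s\n' "$1" "$(spki_sha256 "$2")"
}

# Read TLSA rdata lines as dig prints them ("3 1 1 <hex>", where dig may
# split the hex into groups and use upper case) from stdin and emit one
# lowercase digest per "3 1 1" record. RRs with other usage/selector/
# matching type fields are dropped, so they can never match by accident.
tlsa_311_digests() {
    awk '$1 == 3 && $2 == 1 && $3 == 1 {
        for (i = 4; i <= NF; i++) printf "%s", tolower($i)
        print ""
    }'
}

# The check a DANE client makes after STARTTLS: exit 0 if the SPKI digest
# of the presented leaf certificate $1 equals the digest of any "3 1 1" RR
# in the TLSA RRset $2 (one rdata per line), 1 otherwise. The DNSSEC lookup
# and the TLS handshake itself are outside this script.
tlsa_matches() {
    printf '%s\n' "$2" | tlsa_311_digests | grep -qx "$(spki_sha256 "$1")"
}

# Constructed test material: a key shared by the MX back ends, a renewed
# certificate for that same key, and a separate key for a back end that
# does not share it. Prints the scratch directory holding the files.
make_certs() {
    dir=$(mktemp -d)
    openssl req -x509 -new -newkey rsa:2048 -nodes -keyout "$dir/mx.key" \
        -out "$dir/mx.pem" -subj /CN=mx.example.org -days 30 2>/dev/null
    openssl req -x509 -new -key "$dir/mx.key" -out "$dir/mx-renewed.pem" \
        -subj /CN=mx.example.org -days 60 2>/dev/null
    openssl req -x509 -new -newkey rsa:2048 -nodes -keyout "$dir/other.key" \
        -out "$dir/other.pem" -subj /CN=mx.example.org -days 30 2>/dev/null
    printf '%s\n' "$dir"
}

demo_dir=$(make_certs)
echo '# One shared key: a single RR covers every back end and survives renewal:'
tlsa_311 mx.example.org "$demo_dir/mx.pem"
tlsa_311 mx.example.org "$demo_dir/mx-renewed.pem"
echo '# A back end with its own key needs its own RR in the same RRset:'
tlsa_311 mx.example.org "$demo_dir/other.pem"
rm -rf "$demo_dir"
```

Because the "3 1 1" digest covers only the public key, the two records printed for mx.pem and mx-renewed.pem are identical: reissuing a certificate for the same key does not require a DNS change, while rolling the key does, and the new RR must be published (and have propagated past the old TTL) before the new key goes live.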