Thanks. very helpful.

One more question, though.  You say:

With All of the MX hosts having the same private key and certificate:
*(this is true for us)*
...
Or else multiple such TLSA RRs one per real MX host behind the
load-balancer,
if the number of back-end hosts is reasonably small.

*(this number is currently 9 for us)*

On what basis would we decide between a single TLSA record for the MX
vs. individual TLSA records for each actual host?  Is it that there is some
intrinsic advantage in having individual records vs. the effort of creating
N records?  Or is it something else?

Thanks again,
John



--
John Hascall <j...@iastate.edu>
Team Lead, Network Infrastructure, Authentication, & Directory Services
IT Services, The Iowa State University of Science and Technology

On Wed, Jan 7, 2015 at 2:16 PM, Viktor Dukhovni <postfix-us...@dukhovni.org>
wrote:

> On Wed, Jan 07, 2015 at 02:07:25PM -0600, John Hascall wrote:
>
> > Assume I have a domain with DNSSEC and inbound mail servers behind a
> > (load-balanced) MX which support TLS.
>
> With All of the MX hosts having the same private key and certificate:
>
> > If I've been following along correctly, if I publish a DNS record of the
> > form:
> >
> >   _25._tcp.mx.example.org. IN TLSA 3 1 1 *<sha2-256 digest of DER leaf
> public key in X.509 SPKI format>*
>
> Or else multiple such TLSA RRs one per real MX host behind the
> load-balancer,
> if the number of back-end hosts is reasonably small.
>
> > this will make some (currently smallish?) set of mail servers sending to
> me
> > have a better assurance they are really talking to me.
> > Is this correct?
>
> Yes, and definitely smallish.  Basically folks running Postfix 2.11 with:
>
>     smtp_dns_support_level = dnssec
>     smtp_tls_security_level = dane
>
> and a validating resolver on 127.0.0.1 as the only entry in
> /etc/resolv.conf
>
> I have no count of sites that implement client-side DANE, I can
> only survey the domains that publish TLSA RRs for such sites to
> use.
>
> > And does "*leaf public key" *refer to the public key associated with the
> > cert used for STARTTLS or ...something else...?
>
> The former:
>
>     printf '_25._tcp.%s. IN TLSA 3 1 1 %s\n' \
>         $(uname -n) \
>         $(openssl x509 -in cert.pem -noout -pubkey |
>             openssl pkey -pubin -outform DER |
>             openssl dgst -sha256 -binary |
>             hexdump -ve '/1 "%02x"')
>
> --
>         Viktor.
>

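The openssl pipeline in the quoted reply computes one TLSA 3 1 1 (DANE-EE, SPKI, SHA-256) record from one certificate. The script below is an added example, not code from either poster or from Postfix: it does the same SPKI extraction and digest in standard-library Python (a minimal DER walker instead of the openssl binary) and then applies it to a whole set of back-end hosts behind one MX name, emitting one RR per distinct public key. When every host shares the same key, as in this thread, the "one RR per host" form collapses to a single record; hosts with different keys each contribute their own. The host names, the `fake_cert` helper and the SPKI byte strings are constructed for the demonstration (structurally a Certificate, but unsigned and not valid); with real DER certificates read from disk, `tlsa_records` works unchanged.

```python
"""Build TLSA 3 1 1 records for a load-balanced MX from per-host certificates.

Standard library only: a small DER walker pulls the SubjectPublicKeyInfo out
of each X.509 certificate, which is what
`openssl x509 -pubkey | openssl pkey -pubin -outform DER` produces.
"""
import hashlib


def der_read_tlv(buf, pos=0):
    """Return (tag, value_start, value_end) for the DER TLV starting at pos."""
    tag = buf[pos]
    i = pos + 1
    length = buf[i]
    i += 1
    if length & 0x80:                      # long-form length: 0x8N + N bytes
        n = length & 0x7F
        length = int.from_bytes(buf[i:i + n], "big")
        i += n
    return tag, i, i + length


def der_children(buf, start, end):
    """Yield (tag, raw_tlv_bytes) for each element inside a constructed value."""
    pos = start
    while pos < end:
        tag, _, vend = der_read_tlv(buf, pos)
        yield tag, buf[pos:vend]
        pos = vend


def spki_from_cert_der(cert_der):
    """Extract the DER SubjectPublicKeyInfo (tag, length and value) from a cert.

    Certificate    ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signature }
    TBSCertificate ::= SEQUENCE { [0] version OPTIONAL, serialNumber, signature,
                                  issuer, validity, subject, subjectPublicKeyInfo, ... }
    """
    tag, s, e = der_read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    tbs = next(der_children(cert_der, s, e))[1]     # tbsCertificate, raw
    _, s, e = der_read_tlv(tbs, 0)
    fields = list(der_children(tbs, s, e))
    if fields and fields[0][0] == 0xA0:             # explicit [0] version present
        fields = fields[1:]
    # serialNumber, signature, issuer, validity, subject, subjectPublicKeyInfo
    return fields[5][1]


def tlsa_3_1_1(spki_der):
    """Certificate usage 3 (DANE-EE), selector 1 (SPKI), matching type 1 (SHA-256)."""
    return hashlib.sha256(spki_der).hexdigest()


def tlsa_records(mx_name, host_certs):
    """host_certs: {hostname: cert_der}. Returns (rr_lines, {digest: [hosts]}).

    One RR per distinct key: hosts sharing a key share a record.
    """
    by_digest = {}
    for host, cert in sorted(host_certs.items()):
        by_digest.setdefault(tlsa_3_1_1(spki_from_cert_der(cert)), []).append(host)
    lines = [f"_25._tcp.{mx_name}. IN TLSA 3 1 1 {d}" for d in sorted(by_digest)]
    return lines, by_digest


# ---- constructed sample input (not real keys or certificates) ----------------
def der(tag, content):
    """Minimal DER TLV encoder, used only to build the stand-in certificates."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content


def fake_cert(spki_der, serial):
    """Structurally a Certificate (version, serial, empty names, SPKI), unsigned."""
    version = der(0xA0, der(0x02, b"\x02"))
    tbs = der(0x30, version + der(0x02, bytes([serial]))
              + der(0x30, b"") * 4 + spki_der)       # sigalg, issuer, validity, subject
    return der(0x30, tbs + der(0x30, b"") + der(0x03, b"\x00"))


# SPKI ::= SEQUENCE { AlgorithmIdentifier, BIT STRING } with placeholder contents
SPKI_A = der(0x30, der(0x30, der(0x06, b"\x2a\x86\x48")) + der(0x03, b"\x00" + b"\xA1" * 48))
SPKI_B = der(0x30, der(0x30, der(0x06, b"\x2a\x86\x48")) + der(0x03, b"\x00" + b"\xB2" * 48))

# Nine hosts behind mx.example.org; all but the last share key A (constructed)
HOSTS = {f"mx{i}.example.org": fake_cert(SPKI_A, i) for i in range(1, 9)}
HOSTS["mx9.example.org"] = fake_cert(SPKI_B, 9)

if __name__ == "__main__":
    rrs, groups = tlsa_records("mx.example.org", HOSTS)
    for rr in rrs:
        print(rr, "  ;", ", ".join(groups[rr.rsplit(" ", 1)[1]]))
```

The record owner name is the MX host name clients connect to, not the individual back-end names, because a DANE client looks up `_25._tcp.<mx name>` and then needs the presented SPKI to match any one of the published RRs.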