On Wed, Aug 26, 2015 at 09:43:39PM -0700, Alice Wonder wrote:

> > Furthermore, support for 1->3 mappings might lead users to erroneously
> > expect 0->2 mappings, but the latter are in fact problematic. So
> > supporting neither of the potential mappings is simpler and cleaner.
>
> Okay, thank you.
>
> so
>
>     1 [0|1] 1 hash
>
> is not incorrect, just useless for opportunistic.

Yes, liable to be treated as "unusable", and thus lead to mere
unauthenticated TLS (analogous to Postfix "encrypt" security level).

> Is it safe to assume there are not any (current) downsides to using
>
>     1 [0|1] 1 hash
>
> w/ submission port 587?

Given that there are no MUAs that support DANE, there's no upside either.

As I said before, there is no security advantage to publishing "1 1 1"
over "3 1 1", unless the latter is prohibited by the application protocol.
When you think you want to publish "1 1 1", you're likely misled by bad
advice, and should use "3 1 1" instead.

Note that just because your certificate might be issued by some public CA
is no reason to use a "1 1 1" TLSA record; certificates issued by public
CAs (often via "intermediate" issuers) are just as compatible with "3 1 1"
as any other end-entity (leaf) certificate.

-- 
Viktor.
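An added example, not part of the thread above, that parses TLSA rdata and shows the two points Viktor makes: a PKIX-EE "1 1 1" record carries the same SPKI digest as the DANE-EE "3 1 1" record and matches the same leaf key, yet an opportunistic-DANE SMTP client treats usage 0/1 as unusable and falls back to unauthenticated TLS. The certificate and SPKI bytes are constructed stand-ins, not real DER.

```python
import hashlib
from dataclasses import dataclass

USAGE_NAMES = {0: "PKIX-TA", 1: "PKIX-EE", 2: "DANE-TA", 3: "DANE-EE"}


@dataclass(frozen=True)
class TLSA:
    usage: int
    selector: int
    mtype: int
    data: bytes


def parse_tlsa(rdata: str) -> TLSA:
    """Parse presentation-format TLSA rdata such as '3 1 1 <hex digest>'."""
    fields = rdata.split()
    if len(fields) < 4:
        raise ValueError("TLSA rdata needs usage, selector, matching type and data")
    usage, selector, mtype = (int(f) for f in fields[:3])
    if usage not in USAGE_NAMES or selector not in (0, 1) or mtype not in (0, 1, 2):
        raise ValueError("unknown usage, selector or matching type")
    return TLSA(usage, selector, mtype, bytes.fromhex("".join(fields[3:])))


def usable_for_opportunistic_dane(rec: TLSA) -> bool:
    """Opportunistic DANE for SMTP ignores PKIX-TA(0)/PKIX-EE(1) records: they
    require a trusted CA set the MTA does not have, so a zone publishing only
    such records yields unauthenticated TLS rather than a DANE-verified session."""
    return rec.usage in (2, 3)


def record_matches(rec: TLSA, cert_der: bytes, spki_der: bytes) -> bool:
    """Compare association data with the leaf: selector 0 = full certificate,
    selector 1 = SubjectPublicKeyInfo; matching type 0 = exact, 1 = SHA-256, 2 = SHA-512."""
    obj = cert_der if rec.selector == 0 else spki_der
    if rec.mtype == 0:
        return rec.data == obj
    digest = hashlib.sha256 if rec.mtype == 1 else hashlib.sha512
    return rec.data == digest(obj).digest()


# Constructed stand-ins for a leaf certificate and its SPKI (not real DER).
SAMPLE_CERT_DER = b"\x30\x82constructed-leaf-certificate"
SAMPLE_SPKI_DER = b"\x30\x59constructed-subject-public-key-info"


def dane_ee_record_for(spki_der: bytes) -> str:
    """Build the recommended '3 1 1' record for a leaf public key."""
    return "3 1 1 " + hashlib.sha256(spki_der).hexdigest()


def evaluate(rdata: str) -> tuple:
    """Return (usage name, usable for opportunistic DANE, matches sample leaf)."""
    rec = parse_tlsa(rdata)
    return (USAGE_NAMES[rec.usage], usable_for_opportunistic_dane(rec),
            record_matches(rec, SAMPLE_CERT_DER, SAMPLE_SPKI_DER))
```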