* Brad Chandler <brad.chand...@mbchandler.net>: > I've set up DNSSEC and the TLSA records for my domains. And I think > I have setup dane for smtp correctly in Postfix. I see "Verified TLS > connection established to" in my logs when connecting to a server > with TLSA records. > > Should I also be seeing "Verified TLS connection established from" > when someone using dane connects to my server? I've used several > validators such as https://dane.sys4.de/smtp/mbchandler.net, and > they all say that everything is correct.
No you shouldn't. Actually you can't. DANE, as it is today, does not provide any means for mutual verification. At the moment you will only see "Verified TLS …" on the client side. p@rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
