On Tue, Jul 28, 2020 at 02:02:06PM -0400, Wietse Venema wrote:

> > The MSA needs to be authenticated before password-equivalent authentication
> > is performed.
>
> Authenticate what hostname? The SRV record is like an MX record on
> steroids, there are no guarantees about what hostname to expect.
Exactly, and yet, implicit (or perhaps even explicit, I don't recall the details) in RFC6186 is the expectation that the hostname to be checked in the certificate will be the *target* of the SRV RRset. There are of course SRV-ID subject alternative names, which would be fit for purpose, but no mainstream CA that I know of issues such certificates.

> Is DNS over HTTP supposed to be the answer for that?

No, that's just a transport; what's needed is authenticity of the data, while DoH and DoT are only about privacy. For authentic DNS records, what's needed is DNSSEC.

Now of course a particular domain's MSAs could include in their certificates some fixed name associated with the owner-name of the SRV RRset, and the SMTP client could be configured to expect that name, rather than the SRV target, but I wonder how common such deployments are in the wild.

What I see much more often than RFC6186 is various "autodiscover" names in DNS, which serve XML data describing service location in more detail than an SRV record:

https://www.blackhat.com/docs/asia-17/materials/asia-17-Nesterov-All-Your-Emails-Belong-To-Us-Exploiting-Vulnerable-Email-Clients-Via-Domain-Name-Collision-wp.pdf

Deployment of RFC6186 is AFAIK rather thin at present.

-- 
Viktor.
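The name-checking problem Viktor describes above, as an added example that is not part of the thread or of any Postfix code: a small model of the client-side decision for an RFC 6186 SRV-discovered submission server. It assumes three possible reference identifiers (an RFC 6125 SRV-ID derived from the SRV owner name, an operator-configured name, and the SRV target), and it accepts the SRV target only when the resolver reported the RRset as DNSSEC-validated. The SRV answers and certificate subjectAltName contents below are constructed sample data, not real records or certificates, and the dataclass and function names are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class SrvAnswer:
    """One SRV record as a validating stub resolver would hand it back (constructed)."""
    owner: str              # owner name, e.g. "_submission._tcp.example.com"
    target: str             # SRV target, e.g. "mail.provider.example"
    port: int
    dnssec_validated: bool  # True only if the resolver set the AD bit


@dataclass(frozen=True)
class CertIdentities:
    """Identifiers found in a server certificate's subjectAltName (constructed)."""
    dns_ids: frozenset  # dNSName entries (RFC 6125 DNS-ID)
    srv_ids: frozenset  # otherName SRVName entries (RFC 6125 SRV-ID)


def mail_domain(owner: str) -> str:
    """Strip the "_service._proto." prefix from an SRV owner name."""
    labels = owner.lower().rstrip(".").split(".")
    if len(labels) < 3 or not (labels[0].startswith("_") and labels[1].startswith("_")):
        raise ValueError(f"not an SRV owner name: {owner!r}")
    return ".".join(labels[2:])


def reference_identifiers(srv: SrvAnswer, service: str = "submission",
                          configured_name: Optional[str] = None) -> set:
    """Names the client may legitimately expect in the MSA's certificate.

    - SRV-ID "_<service>.<domain>" is always acceptable: it binds the cert to
      the owner name the user supplied, not to whatever the SRV target says.
    - A locally configured name is acceptable: the operator vouches for it.
    - The SRV *target* is acceptable only when the SRV RRset was DNSSEC
      validated; otherwise a spoofed answer could point at an attacker host
      that holds a perfectly valid certificate for its own name.
    """
    domain = mail_domain(srv.owner)
    refs = {("SRV-ID", f"_{service}.{domain}")}
    if configured_name:
        refs.add(("DNS-ID", configured_name.lower().rstrip(".")))
    if srv.dnssec_validated:
        refs.add(("DNS-ID", srv.target.lower().rstrip(".")))
    return refs


def cert_matches(srv: SrvAnswer, cert: CertIdentities, service: str = "submission",
                 configured_name: Optional[str] = None) -> Optional[Tuple[str, str]]:
    """Return the (kind, name) pair that matched, or None if the cert is unacceptable."""
    dns_ids = {n.lower().rstrip(".") for n in cert.dns_ids}
    srv_ids = {n.lower().rstrip(".") for n in cert.srv_ids}
    for kind, name in sorted(reference_identifiers(srv, service, configured_name)):
        pool = dns_ids if kind == "DNS-ID" else srv_ids
        if name in pool:
            return (kind, name)
    return None


# Constructed sample data: the same SRV answer seen unsigned and DNSSEC-signed,
# and certificates with and without an SRV-ID for the mail domain.
UNSIGNED = SrvAnswer("_submission._tcp.example.com", "mail.provider.example", 587, False)
SIGNED = SrvAnswer("_submission._tcp.example.com", "mail.provider.example", 587, True)
TARGET_ONLY_CERT = CertIdentities(frozenset({"mail.provider.example"}), frozenset())
SRV_ID_CERT = CertIdentities(frozenset({"mail.provider.example"}),
                             frozenset({"_submission.example.com"}))


if __name__ == "__main__":
    # Unsigned SRV + cert naming only the target: a spoofed answer would pass
    # this check if the target were trusted, so it must be rejected.
    print("unsigned, target-only cert:", cert_matches(UNSIGNED, TARGET_ONLY_CERT))
    print("signed, target-only cert:  ", cert_matches(SIGNED, TARGET_ONLY_CERT))
    print("unsigned, SRV-ID cert:     ", cert_matches(UNSIGNED, SRV_ID_CERT))
    print("unsigned, configured name: ",
          cert_matches(UNSIGNED, CertIdentities(frozenset({"smtp.example.com"}), frozenset()),
                       configured_name="smtp.example.com"))
```

The first case is the attack Wietse's question points at: without DNSSEC the SRV target is attacker-controlled data, and a certificate that merely names that target proves nothing about example.com. The SRV-ID and configured-name paths are the two ways around it that the message mentions, and the example shows why neither depends on the resolver.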