> "DB" == Doug Barton writes:
DB> IMO the "main" draft could use a little more clarity, including some
DB> more examples, and personally I would incorporate the MX text in the
DB> same draft. It's true that the MX and SRV cases are distinct, but
DB> they're not _that_ different.
Didn't Tony
> > The Certificate provided by spodhuis.org authenticates the
> target mx.spodhuis.org,
> > but not the query domain (which is spodhuis.org).
>
> To be clear: for mail delivery, you want:
> http://tools.ietf.org/html/draft-ietf-dane-smtp-01
>
> The SMTP case is not quite the same as the SRV c
On 06/10/2013 03:40 PM, Phil Pennock wrote:
On 2013-06-10 at 14:56 +, Zuleger, Holger, Vodafone DE wrote:
The Certificate provided by spodhuis.org authenticates the target
mx.spodhuis.org,
but not the query domain (which is spodhuis.org).
To be clear: for mail delivery, you want:
http:
On 06/10/2013 05:40 PM, Dan York wrote:
I would be glad to add others, such as yours, Phil, if you are okay
having it publicly listed.
Dan,
Feel free to list mine as well, for both web and mail.
hth,
Doug
___
dns-operations mailing list
dns-operati
On 2013-06-11 at 00:40 +, Dan York wrote:
> I don't know if those are already in your list of six domains. I would be
> glad to add others, such as yours, Phil, if you are okay having it
> publicly listed.
Sure thing, go for it.
> It is great that you are doing this DANE/DNSSEC work for Exim
Phil,
On 6/7/13 12:34 PM, "Phil Pennock" wrote:
>Folks,
>
>As part of a push to get both Exim and Postfix supporting DANE with TLSA
>records, per current IETF drafts, I'm wondering if anyone here has
>deployed both DNSSEC signing for a zone and TLSA records within that
>zone for their MX hostna
On 2013-06-10 at 14:56 +, Zuleger, Holger, Vodafone DE wrote:
> The Certificate provided by spodhuis.org authenticates the target
> mx.spodhuis.org,
> but not the query domain (which is spodhuis.org).
To be clear: for mail delivery, you want:
http://tools.ietf.org/html/draft-ietf-dane-smtp-
On 06/10/2013 07:56 AM, Zuleger, Holger, Vodafone DE wrote:
Hi,
| My domain with such records is "spodhuis.org", and I'm happy for its
| mail-server to be similarly probed for interop purposes.
I added the _25._tcp TLSA record, feel free to use my domain
(dougbarton.us) for such testing. My MX
Hi,
> | My domain with such records is "spodhuis.org", and I'm happy for its
> | mail-server to be similarly probed for interop purposes.
>
> I added the _25._tcp TLSA record, feel free to use my domain
> (dougbarton.us) for such testing. My MX server is postfix 2.10.
as far as I understand dra
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 06/07/2013 09:34 AM, Phil Pennock wrote:
| Folks,
|
| As part of a push to get both Exim and Postfix supporting DANE with TLSA
| records, per current IETF drafts, I'm wondering if anyone here has
| deployed both DNSSEC signing for a zone and TLSA
> Jeroen Massar jeroen at massar.ch
> > As part of a push to get both Exim and Postfix supporting DANE with TLSA
> > records, per current IETF drafts, I'm wondering if anyone here has
> Do you have a guide/howto for doing the whole setup?
If you have x.509 certficates, then current versions
On 2013-06-07 at 10:02 -0700, Jeroen Massar wrote:
> Do you have a guide/howto for doing the whole setup?
>
> As it sounds quite interesting to get that up and running.
No, but one will be part of a chapter of The Exim Specification, when I
find time to get the coding work done.
Loosely: make su
On 2013-06-07 09:34, Phil Pennock wrote:
> Folks,
>
> As part of a push to get both Exim and Postfix supporting DANE with TLSA
> records, per current IETF drafts, I'm wondering if anyone here has
> deployed both DNSSEC signing for a zone and TLSA records within that
> zone for their MX hostnames?
13 matches
Mail list logo
