Re: [Uta] "webby" STS and DANE/DNSSEC co-existence

2016-04-12 Thread Neil Cook
> On 11 Apr 2016, at 22:38, Mark Risher wrote: > > Hi, everyone: > Hope you all made it home safely. > > I think we can do that by requiring that outbound MTAs > that implement the "webby" approach MUST/SHOULD first test > for, and process, TLSA records for the next MX in the path. > In other

Re: [Uta] "webby" STS and DANE/DNSSEC co-existence

2016-04-12 Thread Daniel Margolis
I'm not sure if I'm being stupid here, but what does it mean for STS to be "trumped" by DANE (or the reverse)? Do you mean that if the recipient domain/MX has both STS and DANE you will *only* validate the DANE policy? If we instead said that senders who validate STS must honor STS and senders who

Re: [Uta] "webby" STS and DANE/DNSSEC co-existence

2016-04-12 Thread Viktor Dukhovni
On Tue, Apr 12, 2016 at 06:52:31PM +0200, Daniel Margolis wrote:
> I'm not sure if I'm being stupid here, but what does it mean for STS to be
> "trumped" by DANE (or the reverse)? Do you mean that if the recipient
> domain/MX has both STS and DANE you will *only* validate the DANE policy?

Correct