On Monday, 15 March 2021 11:38:04 CET, Henning Krause wrote:
Hi,
As a developer for an email security gateway, I'm all in favor
of validating the SAN instead of the CN on the SMTP level.
And though SMTP mostly uses opportunistic TLS, mandatory use of
TLS is increasing with more people adopti
On Wednesday, 17 March 2021 07:53:25 CET, Eliot Lear wrote:
On 17 Mar 2021, at 06:57, Watson Ladd wrote:
On Mon, Mar 15, 2021, 2:59 AM Eliot Lear
wrote:
Architecturally, Rich is nailing it. We should be
encouraging the use of SANs. However, use of SANs beyond the
scope of the web may not
> On 19 Mar 2021, at 12:20, Hubert Kario wrote:
>
> it's also a place that needs to keep on moving forward as new attacks and
> more powerful computers come into light every year
Sure. That’s why I support the draft.
>
>>> which nothing short of
>>> MUST NOT seems to get across.
>>
>> Why
On Friday, 19 March 2021 15:12:25 CET, Eliot Lear (elear) wrote:
On 19 Mar 2021, at 12:20, Hubert Kario wrote:
it's also a place that needs to keep on moving forward as new attacks and
more powerful computers come into light every year
Sure. That’s why I support the draft.
which nothin
Hubert,
This is it for me. Apparently you are not going to be convinced that the world
is bigger than the web. This is not about excuses, but the real world. It is
not about lawyering- few of us here, if any are lawyers. Probably a good
thing. Again, I am happy for this document to extend
On Wed, Mar 17, 2021 at 07:53:25AM +0100, Eliot Lear wrote:
> The alternative view is that we shouldn’t break stuff or write edicts
> we know will be ignored. AR certs are burned into products. They’re
> NEVER going to change, and some code in some contexts need to expect
> them. That includes,
On Fri, Mar 19, 2021 at 05:19:17PM +0100, Eliot Lear wrote:
> This is it for me. Apparently you are not going to be convinced that
> the world is bigger than the web. This is not about excuses, but the
> real world. It is not about lawyering- few of us here, [...]
I think you've convinced yours
