> On Aug 23, 2018, at 5:07 PM, Richard Barnes <r...@ipv.sx> wrote: > > Since we're talking about bare public keys / not verifying certificates > again, a brief reminder: > > https://tools.ietf.org/html/draft-barnes-dane-uks-00 Yes, what do you want to do with that draft? The conclusions for HTTPS are correct. For SMTP, UKS surely does not apply, one can already direct one's SMTP traffic to a different server by just pointing MX records there... Ditto for protocols that use SRV indirection. So I'd support moving that forward, but perhaps with a more nuanced set of conditions on when host name checks must not be skipped. -- Viktor. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
- Re: [TLS] EXTERNAL: Re: integrity only ciph... Ted Lemon
- Re: [TLS] EXTERNAL: Re: integrity only ciph... Viktor Dukhovni
- Re: [TLS] EXTERNAL: Re: integrity only ciph... Eric Rescorla
- Re: [TLS] null auth ciphers for TLS 1.3? Viktor Dukhovni
- Re: [TLS] null auth ciphers for TLS 1.3? Eric Rescorla
- Re: [TLS] null auth ciphers for TLS 1.3? David Benjamin
- Re: [TLS] null auth ciphers for TLS 1.3? Peter Gutmann
- Re: [TLS] raw public keys in the wild? Viktor Dukhovni
- Re: [TLS] raw public keys in the wild? Peter Gutmann
- Re: [TLS] raw public keys in the wild? Richard Barnes
- Re: [TLS] raw public keys in the wild? Viktor Dukhovni
- Re: [TLS] null auth ciphers for TLS 1.3? Wang Haiguang
- Re: [TLS] null auth ciphers for TLS 1.3? Bill Frantz
- Re: [TLS] EXTERNAL: Re: integrity only ciph... Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] EXTERNAL: Re: integrity only ciph... Nancy Cam-Winget (ncamwing)
- Re: [TLS] integrity only ciphersuites Salz, Rich
- Re: [TLS] EXTERNAL: Re: integrity only cip... Jack Visoky
- Re: [TLS] EXTERNAL: Re: integrity only ciph... Ted Lemon
- Re: [TLS] EXTERNAL: Re: integrity only ciph... Jack Visoky
- Re: [TLS] EXTERNAL: Re: integrity only ciph... Ted Lemon
- Re: [TLS] EXTERNAL: Re: integrity only ciph... Jack Visoky
