Ben wrote:
> Lucky Green wrote:
> > I also agree that current MTAs' implementations of STARTTLS are only a
> > first step. At least in postfix, the only MTA with which I am
> > sufficiently familiar to form an opinion, it appears impossible to
> > require that certs presented by trusted parties match a particular
> > hash while certs presented by untrusted MTAs can present any
> > certificate they desire to achieve EDH-level security.
>
> This is probably a stupid question, but... why would you want to do this?

To protect against MIM attacks on the encrypted tunnel between the trust domains represented by my friend's MTA and my MTA.

--Lucky Green
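As an added illustration that is not part of the thread: in later Postfix releases (2.3 and up) the split described above, pinned certificates for a trusted peer and opportunistic TLS for everyone else, is expressed with smtp_tls_policy_maps. The domain friend.example and the digest value are placeholders, and the file paths are the conventional ones rather than anything from the thread.

```conf
# /etc/postfix/main.cf  (added example, not from the thread)

# Default for all other destinations: opportunistic TLS. Any certificate
# (or none) is accepted, so the tunnel is encrypted but unauthenticated,
# and delivery falls back to cleartext if the peer offers no STARTTLS.
smtp_tls_security_level = may

# Per-destination overrides; the lookup key is the next-hop domain.
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy

# Digest algorithm used by the "fingerprint" level in the policy table.
smtp_tls_fingerprint_digest = sha256

# Log one summary line per connection ("Verified" vs "Untrusted"/"Anonymous").
smtp_tls_loglevel = 1

# /etc/postfix/tls_policy  (rebuild with: postmap /etc/postfix/tls_policy)
#
# The trusted peer must present a certificate or public key whose digest
# matches one of the listed values; otherwise Postfix defers the mail
# instead of sending it through an unauthenticated tunnel. Several match=
# values may be listed to cover a key rotation. Both the domain and the
# colon-separated hex digest below are placeholders.
friend.example   fingerprint match=00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF
```

After `postmap`, `postmap -q friend.example hash:/etc/postfix/tls_policy` confirms the entry is found, and a pinned delivery shows up in the mail log as "Verified TLS connection established" while a mismatched peer produces a deferral rather than an "Untrusted" connection.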