I just got the sendmail 8.11.2 sources and compiled and configured
them for STARTTLS.  It is great that you provide this functionality,
and great that you make it freely available.

I had some problems configuring, which I would like to share with you
in the spirit of making it easier for those doing it in the future.
Some of my comments are directed at the OpenSSL folks.

Let me start by telling you my background, to give some context for my
experience.  I am very familiar and comfortable with sendmail, SMTP,
cf and mc files.  I understand Diffie-Hellman and public-key
cryptography.  I use PGP.  I have compiled and configured ssh.  When I
started, I didn't know what "X.509" is or what a "request" is.  (These
terms come up a lot in the OpenSSL manual pages.)  All in all, I think
my profile is on the well-informed side of average for people who will
be setting up sendmail.

What I wanted is the same functionality I get from ssh:
 - I want to encrypt the SMTP conversation on the wire, so my site's
email is safe from prying eyes in the network.
 - I want basic protection from man-in-the-middle attacks, obtained by
remembering previous host behavior and host keys.

I want these things because I can get them.  I don't feel the need to
authenticate--we never used to with SMTP and that's still fine.  So I
see no need for keys signed by a trusted CA.  All in all, I think my
requirements here are similar to those of many.

What I felt to be missing from the documentation I read was how to
create this basic setup.  I had to get and build OpenSSL (version
0.9.6) for the first time for this task.  I did not find in the
OpenSSL documents a basic introduction to X.509, CAs, requests, etc.

There is a section in the Sendmail Operations Guide on "Certificates
for STARTTLS," which was very helpful.  Without this section, I would
have flailed around a lot more than I did.  I'm still wondering, what
is the DHParameters variable in sendmail.cf?

By comparison, ssh (version ???) was simple to set up: I created a
local private host key and I pointed ssh at a file to collect remote
host public keys.  (I recognize that some of the complication of
STARTTLS configuration may be that TLSv1 may be a more complicated
protocol than ssh uses.)  It seems a pity that I can't have sendmail
use the key and host file I'd already set up for ssh.  (Maybe if I had
OpenSSH?)

I'm not even sure I'm getting as much from sendmail as I am from ssh.
Is sendmail recording and remembering previous host keys presented?

This message describes some places where I felt I could have gotten a
little more guidance in setting up STARTTLS.  Where I asked specific
questions, consider that a request to enhance the documentation,
rather than a request for a personal reply to me.  I fear that setting
this up is currently so complicated that it will prevent widespread
adoption of STARTTLS support, and that would be a shame.

 < Stephen
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
