On Sat, Jan 04, 2014 at 07:58:20PM +0100, Michael Ströder wrote:
> > While indeed SMTP with DANE TLS relies on DNSSEC to secure the
> > MX lookup, it also critically relies on DANE for two additional
> > pieces of information:
> >
> > - Downgrade resistant STARTTLS support signalling. Without
> > this MITM attackers simply suppress STARTTLS and the sender
> > proceeds in cleartext.
>
> This entirely depends on the fallback configuration of the sender.
> Proceeding with clear-text communication also happens with DANE/TLSA if the
> sender is configured to send the message in any case.
I'll keep this short, avoiding the need for EDNS0 replies. You appear
to still not have read (at least section 2, but ideally the whole draft):

http://vdukhovni.github.io/ietf/draft-ietf-dane-smtp-with-dane-05.html#rfc.section.2

Until you have, and unless you have detailed substantive comments, this
branch of the thread is mere pontification. DANE for SMTP comes with a
*required* fallback model. If you have substantive comments, the DANE WG
list is likely a better forum.

A substantive comment that argues that DANE adds nothing new to SMTP
would begin by explaining in detail how SMTP to MX TLS security is
possible without DNS data integrity (thus making it possible to not
trust the root zone signature or any additional trust-anchors for
critical peer domains).

-- 
Viktor.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
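The point the two posters are arguing about is the sender's fallback model: whether a missing STARTTLS is a downgrade the sender must refuse, or a normal case in which it proceeds in cleartext. The sketch below is an added illustration, not code from this thread, from Postfix or from the draft itself. It models the sender-side decision as described in section 2 of the draft (later published as RFC 7672): if the MX lookup is DNSSEC-secured and secure TLSA records exist for the MX host, TLS is mandatory and a server that does not advertise STARTTLS causes deferral rather than cleartext delivery; if there are no secure TLSA records, the sender is back to opportunistic TLS and cleartext fallback. The `DnsAnswer`, `choose_policy` and `next_step` names and the EHLO responses are constructed for this example; the "usable TLSA record" check is deliberately simplified (no certificate-usage or selector filtering).

```python
"""
Sender-side TLS policy model for SMTP with DANE (illustrative example).

Assumptions (not from the thread): the sender's resolver validates DNSSEC
and reports per answer whether it was validated ("secure"), unsigned
("insecure") or failed validation ("bogus"). All inputs are constructed.
"""
from dataclasses import dataclass
from enum import Enum
from typing import List


class Policy(Enum):
    OPPORTUNISTIC = "opportunistic"  # no secure TLSA: cleartext fallback allowed
    DANE_REQUIRED = "dane"           # secure TLSA: TLS mandatory, cert must match
    DEFER = "defer"                  # DNSSEC state is inconsistent: don't deliver


@dataclass
class DnsAnswer:
    records: List[str]
    secure: bool          # DNSSEC-validated (AD bit set)
    bogus: bool = False   # validation attempted and failed


@dataclass
class Decision:
    policy: Policy
    reason: str


def choose_policy(mx_answer: DnsAnswer, tlsa_answer: DnsAnswer) -> Decision:
    """Derive the TLS policy for one MX host from the DNS lookup results."""
    # An unsigned MX answer could have been forged on the wire, so a TLSA
    # lookup under the attacker-chosen name proves nothing: no DANE.
    if not mx_answer.secure:
        return Decision(Policy.OPPORTUNISTIC, "MX lookup not DNSSEC-validated")
    # A TLSA answer that fails validation is a hard error, not "no TLSA".
    if tlsa_answer.bogus:
        return Decision(Policy.DEFER, "TLSA lookup failed DNSSEC validation")
    # MX host in an unsigned zone, or a signed zone with no TLSA records:
    # opportunistic TLS, exactly as without DANE.
    if not tlsa_answer.secure or not tlsa_answer.records:
        return Decision(Policy.OPPORTUNISTIC, "no secure TLSA records")
    return Decision(Policy.DANE_REQUIRED, "secure TLSA records present")


def starttls_offered(ehlo_reply: str) -> bool:
    """Parse a multi-line EHLO reply and report whether STARTTLS is advertised."""
    for line in ehlo_reply.splitlines():
        # Continuation lines look like "250-STARTTLS", the last one "250 HELP".
        if line.startswith("250") and line[4:].strip().upper() == "STARTTLS":
            return True
    return False


def next_step(decision: Decision, ehlo_reply: str) -> str:
    """What the sender does after reading the EHLO reply."""
    if decision.policy is Policy.DEFER:
        return "defer"
    if starttls_offered(ehlo_reply):
        return "starttls"
    # STARTTLS absent. Under DANE that is a downgrade (or a broken server):
    # the message is deferred, never sent in the clear. Without DANE the
    # sender has no authenticated signal and falls back to cleartext.
    if decision.policy is Policy.DANE_REQUIRED:
        return "defer"
    return "cleartext"


# Constructed EHLO replies: one advertising STARTTLS, one with it stripped.
EHLO_WITH_TLS = "250-mx.example.net\r\n250-SIZE 10240000\r\n250-STARTTLS\r\n250 HELP\r\n"
EHLO_STRIPPED = "250-mx.example.net\r\n250-SIZE 10240000\r\n250 HELP\r\n"

if __name__ == "__main__":
    dane = choose_policy(DnsAnswer(["mx.example.net"], secure=True),
                         DnsAnswer(["3 1 1 <constructed-hash>"], secure=True))
    plain = choose_policy(DnsAnswer(["mx.example.net"], secure=False),
                          DnsAnswer([], secure=False))
    for name, d in (("DANE", dane), ("no DANE", plain)):
        print(name, d.reason, "->", next_step(d, EHLO_WITH_TLS), "/",
              next_step(d, EHLO_STRIPPED))
```

The last two calls show the asymmetry under discussion: with secure TLSA records a stripped STARTTLS leads to deferral, while without them the same stripped reply leads to cleartext delivery. In the real draft the DANE path additionally verifies the server certificate against the TLSA data before any mail is sent; that step is omitted here.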