Re: DANE, DNSSEC, ..., Postfix, ...

2013-02-28 Thread Viktor Dukhovni
On Thu, Feb 28, 2013 at 07:28:18PM +, Tony Finch wrote:
> http://tools.ietf.org/html/draft-ietf-dane-srv

One quick comment on Section 7.3 of the above. This section is broken. Certificate name checks are *only* appropriate with certificate usage 0 and 2, and are *never* appropriate with usag

Re: DANE, DNSSEC, ..., Postfix, ...

2013-02-28 Thread Viktor Dukhovni
On Thu, Feb 28, 2013 at 07:28:18PM +, Tony Finch wrote:
> (2) There is a draft for MTA-to-MTA SMTP. In addition to saying "use
> draft-ietf-dane-srv" (which covers most of what needs saying) it also
> addresses the fact that RFC 3207 doesn't specify how to validate mail
> server certificates.