Re: TLS support

2014-01-10 Thread Viktor Dukhovni
On Fri, Jan 10, 2014 at 01:52:17PM +, Viktor Dukhovni wrote:
> There are also some DANE related parameters for the
> TLS library:
>
> tls_dane_digest_agility = on
> tls_dane_digests = sha512 sha256
> tls_dane_trust_anchor_digest_enable = yes

Another

Re: TLS support

2014-01-10 Thread Wietse Venema
> > - Troubleshooting > > - Quick and Dirty configuration > > - Client in brief. > > DNS and SMTP agent settings. > tls policy table for exceptions: > - non-dane for emergencies (assuming not an MITM attack). > - dan

Re: TLS support

2014-01-10 Thread Viktor Dukhovni
On Fri, Jan 10, 2014 at 11:44:04AM +0100, Patrick Ben Koetter wrote: > Viktor, > > we're lucky to have Carsten Strotmann on our team (here at sys4). You may know > him for his expertise on DNS. Carsten offered to assist in writing the > DANE_README. Thanks. Very much appreciated. > I'd like yo

Re: TLS support

2014-01-10 Thread Patrick Ben Koetter
Viktor, we're lucky to have Carsten Strotmann on our team (here at sys4). You may know him for his expertise on DNS. Carsten offered to assist in writing the DANE_README. I'd like you/others to go over the following TOC to make sure we cover all necessary aspects: - What is DANE - Benefits of u

Re: TLS support

2014-01-06 Thread Wietse Venema
Viktor Dukhovni: > On Mon, Jan 06, 2014 at 11:33:26AM +0100, Patrick Ben Koetter wrote: > > > > Thus the need for a DANE_README.html, any volunteers? All the > > > required material is scattered about in: > > > > > > http://vdukhovni.github.io/ietf/draft-ietf-dane-smtp-with-dane-05.html > >

Re: TLS support

2014-01-06 Thread Viktor Dukhovni
On Mon, Jan 06, 2014 at 11:33:26AM +0100, Patrick Ben Koetter wrote: > > Thus the need for a DANE_README.html, any volunteers? All the > > required material is scattered about in: > > > > http://vdukhovni.github.io/ietf/draft-ietf-dane-smtp-with-dane-05.html > > http://www.postfix.org/po

Re: TLS support

2014-01-06 Thread Corey Quinn
I'll handle editing and review if you'd like. --Corey > On Jan 6, 2014, at 2:33 AM, Patrick Ben Koetter wrote: > > * Viktor Dukhovni : >>> On Sun, Jan 05, 2014 at 01:49:34PM +0100, Kurt Roeckx wrote: >>> (I think it's all documented somewhere, but some parts are >>> repeated and not exactly th

Re: TLS support

2014-01-06 Thread Patrick Ben Koetter
* Viktor Dukhovni : > On Sun, Jan 05, 2014 at 01:49:34PM +0100, Kurt Roeckx wrote: > > (I think it's all documented somewhere, but some parts are > > repeated and not exactly the same, and so it's a bit spread > > out.) > > Thus the need for a DANE_README.html, any volunteers? All the > required

Re: TLS support

2014-01-05 Thread Viktor Dukhovni
On Sun, Jan 05, 2014 at 01:49:34PM +0100, Kurt Roeckx wrote: > I've been looking at the current state of TLS support in postfix. > I notice that the documentation on the website says it will > support DANE in the 2.11 version. Correct. Have not yet had time to write a separate

TLS support

2014-01-05 Thread Kurt Roeckx
Hi, I've been looking at the current state of TLS support in postfix. I notice that the documentation on the website says it will support DANE in the 2.11 version. DANE will make it possible for us to have mandatory encryption, so I would like to see that we can get the best out of that. S