Speaking of reporting specifically:

On 26 Mar 2016, at 00:45, Mark Risher <[email protected]> wrote:
>> it still requires a core MTA upgrade to the sender before it actually
>> improves security for the domain...So I see no actual deployment benefit for
>> the SMTP policy negotiation by putting it in DNS.
>
> This is where we might differ. I feel that even the reporting mode – making
> any TLS MITM very visible – does have benefit, and in our prototype
> deployment we have already found actionable intelligence through offline
> reporting based on existing logs.

A way to report TLS failures is valuable. In addition to XML versus JSON, there are other reporting mechanisms like ARF (see RFC 6650, for example) which seem applicable to this. I am quite concerned about yet another reporting mechanism, which is different from the other 3 (maybe more) already defined mechanisms.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
