On 1/5/19 10:28 PM, Alice Wonder wrote:
Requiring TLS is pointless if the MX record is not secure.
I'm inclined to disagree. - I see value in requiring TLS via STARTTLS even if the MX record wasn't secured. - I say inclined because I can't articulate the combinations of unmodified / modified MX record in conjunction with all the other possibilities that connections can be tampered with. Be it hijacking / route poisoning / simply filtering out STARTTLS but not altering anything else.
That's why MTA-STS needs the https component, to secure the MX record when DNSSEC is not used to do so.When DNSSEC is used, DANE then is better at securing the connection so MTA-STS is only needed when the server and/or client do not support DANE for SMTP.
I disagree.I believe the value of MTA-STS (and HSTS) is the ability to signal that SMTP (HTTP) should -ONLY- be conducted over a secure connection via STARTTLS (TLS). Meaning that SMTP (HTTP) should fail if there isn't a secure connection.
The signaling of this fact is what makes MTA-STS so valuable to me. To me, the other aspects of DNSSEC / HTTPS are simply infrastructure necessary to enable delivery of the STS signal.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
