Re: IAB policy on anti-spam mechanisms?

Keith Moore <moore@cs.utk.edu> writes:
> or at least, proper behavior isn't well-defined.  IMHO, about the only
> behavior that is reasonable (assuming a single cert, which IIRC is
> what TLS assumes) is to have the peer server offer a cert for the
> domain name associated with the A record, not the one associated with
> the MX record.
Just to make sure I understand, do you mean that if someone is sending
mail to ekr@rtfm.com, and there's an MX for rtfm.com pointing to
mail.isp.com, the cert should contain mail.isp.com in the subject
name?

If so, this really isn't satisfactory, because it allows
anyone who can tamper with the DNS to intercept mail
destined for any server.

-Ekr

-- 
[Eric Rescorla                                   ekr@rtfm.com]
                http://www.rtfm.com/
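
Added example, not part of the original message: a small Python model of the two name-checking policies discussed above, evaluated with an honest and a tampered MX answer for rtfm.com. The dict-based DNS, the host mail.attacker.example, the policy names, and the assumption that the ISP's certificate also names rtfm.com are all constructed for illustration.

```python
# Constructed model: DNS is a plain dict and a certificate is just the set of
# names a CA vouched for. Names other than those in the message are made up.
HONEST_DNS = {"rtfm.com": "mail.isp.com"}             # MX from the message
TAMPERED_DNS = {"rtfm.com": "mail.attacker.example"}  # attacker-edited MX

# Certificates each server can legitimately obtain for names it controls.
# Assumption: the ISP's certificate also names the hosted domain rtfm.com.
CERTS = {
    "mail.isp.com": {"mail.isp.com", "rtfm.com"},
    "mail.attacker.example": {"mail.attacker.example"},
}


def reference_name(recipient, dns, policy):
    """Return (host to connect to, name the certificate must contain)."""
    domain = recipient.rsplit("@", 1)[1].lower()
    mx_host = dns[domain]  # unauthenticated DNS answer
    if policy == "mx_target":
        return mx_host, mx_host   # expected name comes from DNS
    if policy == "recipient_domain":
        return mx_host, domain    # expected name comes from the address
    raise ValueError(f"unknown policy: {policy}")


def delivery_accepted(recipient, dns, policy, certs=CERTS):
    """True if the sender would accept the TLS peer and hand over the mail."""
    host, expected = reference_name(recipient, dns, policy)
    presented = certs.get(host, set())
    return expected in presented  # exact match only; no wildcards modeled


def survey(recipient="ekr@rtfm.com"):
    """Evaluate both policies against honest and tampered DNS."""
    return {
        (policy, label): delivery_accepted(recipient, dns, policy)
        for policy in ("mx_target", "recipient_domain")
        for label, dns in (("honest", HONEST_DNS), ("tampered", TAMPERED_DNS))
    }


if __name__ == "__main__":
    for key, ok in survey().items():
        print(key, "accepted" if ok else "rejected")
```

With the MX-target policy the tampered answer is accepted, because the name being verified was itself taken from DNS; with the recipient-domain policy the same tampering causes the certificate check to fail.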

