On Sat, Nov 21, 2015 at 02:41:29PM +0000, Alexey Melnikov wrote:

> > (1) In Introduction says:
> >
> >    Note that this document doesn't apply to use of TLS in MTA-to-MTA
> >    SMTP.
> >
> > Can this be enhanced to include a pointer to where this can be found?
>
> Currently this is discussed in draft-friedl-uta-smtp-mta-certs, but this
> is not a WG document, so I would rather not have a pointer.

IIRC that document is not really intended to be standards track, I
think it is intended to be more of a BCP for facilitating explicit
secure-channels between domains that to manually configure mandatory
TLS security. [I expect to be involved in further progress on that
document].

MTA-to-MTA at scale is opportunistic, and the relevant documents
for opportunistic discovery and use of TLS authentication in SMTP
are presently RFC 7435 and RFC 7672.

--
Viktor.