Re: UTA: Server certificate management (Re: Last Call: <draft-ietf-uta-email-tls-certs-05.txt>)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> On Dec 3, 2015, at 3:15 PM, John R Levine <johnl@xxxxxxxxx> wrote:
> 
> I think the problem that we're trying to address here is setting up a MUA and wanting to ensure that it's talking to the correct SUBMIT, POP, and IMAP servers.  You're right that there's all sorts of private networks with mysterious naming, but every smartphone has an MUA that usually does SUBMIT and IMAP, so it would be nice if the phone's MUA could reliably configure itself with minimal help from the user.

See: https://tools.ietf.org/html/draft-daboo-aggregated-service-discovery-03

for an attempt that was made a couple of years ago.  We had a BoF that didn't go particularly well, but if there was interest, I'm pretty sure we could do another one and overcome the objections.

Note that Cyrus's document allows service-specific certificate pinning by bootstrapping from https://*/.well-known, an approach that was resurrected in draft-ietf-xmpp-posh.

-- 
Joe Hildebrand





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]