Yo Viktor!
On Mon, 6 Mar 2017 16:30:30 -0500
Viktor Dukhovni <ietf-dane@xxxxxxxxxxxx> wrote:
> > Security Policy can benefit from DNSSEC but it absolutely does not
> > require DNSSEC to provide value.
>
> This is not true for SMTP, which is vulnerable to downgrade attacks
> if the security policy is not made tamper-resistant.
Please do not make the best the enemy of the merely better. Often a
little better is good enough for now.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem@xxxxxxxxxx Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
Attachment:
pgpIb3tqjldms.pgp
Description: OpenPGP digital signature