301294Re: EFF STARTTLS Everywhere project
- Jul 29, 2014* Patrick Ben Koetter <postfix-users@...>:
> * Viktor Dukhovni <postfix-users@...>:Oh, and we didn't enable mailbox.org either. Heinlein did that. It's their
> > On Tue, Jul 29, 2014 at 03:57:24PM +0200, Per Thorsheim wrote:
> > > I don't know if this list is aware of this project?
> > >
> > > https://github.com/EFForg/starttls-everywhere
> > The EFF folks behind this effort have reached out to me and we've
> > discussed some of the issues. I am somewhat ambivalent about this,
> > as it introduces a non-scalable registry that does fully address
> > the problem, and perhaps reduces incentives to do it right and
> > deploy DANE. On the other hand, DNSSEC adoption by large providers
> > is a non-trivial effort, and they cannot yet deploy DANE as quickly
> > as they may be able to sign up for the EFF registry. So I am not
> > sure whether this is a step forward or sideways.
> > > An intermediate effort before DNSSEC and DANE (hopefully) gets seriously
> > > deployed around the world and various TLDs. EFF will talk about this at
> > > PasswordsCon next week in Las Vegas, and I'll make references to this
> > > and DANE TLS in my talk at the DEFCON Crypto & Privacy Village. I'm very
> > > happy to see that these issues are gaining a lot of attention these days.
> > >
> > > Viktor: Is the IEEE meeting done yet? Any status update for DANE TLS?
> > I think you mean IETF (not IEEE). Yes IETF Toronto is done, and
> > the SMTP draft is basically ready and has not been changed in many
> > weeks. The main hold-up is that the WG chairs wanted to publish
> > the SMTP and SRV drafts together, but the latter is substantially
> > less ready. Perhaps I should ask the chairs to decouple these.
> > The Toronto meeting was looking at the OPS draft which updates DANE
> > TLSA in general (not SMTP specific).
> > The only issue in the SMTP draft that may require final review by
> > the DANE WG is digest agility, I'll post a message to the list
> > this week, now that everyone is back from Toronto, and try to
> > wrap it up.
> > In the mean-time Patrick Koetter et. al. are doing great work in
> > Germany getting more organizations to deploy DANE. So far:
> > posteo.de (email provider)
> > mailbox.org (email provider)
> > bund.de (German Parliament)
> For the books: sys4 did not enable bund.de. But we helped to spread the news.
> More German ISPs coming soon...
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
- << Previous post in topic Next post in topic >>