[dns-operations] Response to the USG proposal to use MTA-STS
Bill Woodcock
woody at pch.net
Tue Sep 21 11:54:14 UTC 2021
>> Il 21/09/2021 00:38 Wes Hardaker <wjhns1 at hardakers.net> ha scritto:
>>
>> Viktor and I have written a response to discuss the USG's proposal [1-3]
>> to use MTA-STS for securing E-mail (as opposed to DANE-SMTP).
PCH has also submitted a response along the same lines, also noting that the USG breaches which occasioned DHS/CISA Emergency Directive 19-01 used the CA cert exploit which MTA-STS is vulnerable to, but DANE-SMTP is not.
-Bill
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20210921/64195fdb/attachment.sig>
More information about the dns-operations
mailing list