Jack, Tuesday, February 4, 2003, 7:16:04 AM, you wrote: JB> From: "Daniel Senie"
I'd be happy to see certs in use for MTA-MTA (and indeed support this today on my systems when talking to other MTAs which are using STARTTLS). ... JB> I'm concerned with MTA to MTA. ... A flag day is JB> necessary, and certification from MTA to MTA is necessary.
Please consider how many MTAs interact on the global Internet. Please consider that each is operated by a different, independent organization. Please consider that there is no single authority over all those organizations. A flag day is not possible for changing the infrastructure of any network operation that is large. Even when there is a single authority, service operators cannot perform a conversion "instantly". In a medium-sized company -- and that means that theoretically there is a single authority over everyone -- a serious change to the network infrastructure will take at least 6 months. For the Internet, it takes many years to obtain broad adoption of a change. d/ ps. Please note that there is still no large-scale use of certificates, although the technology for them has existed for years. Therefore it is important to be very conservative, when specifying a system behavior that depends upon their use. -- Dave <mailto:dcrocker@brandenburg.com> Brandenburg InternetWorking <http://www.brandenburg.com> t +1.408.246.8253; f +1.408.850.1850