19 May
2025
19 May
'25
4:38 p.m.
On Mon, 19 May 2025, Bjørn Mork wrote:
MTA-STS does the same thing more kludgily for people who don't like DNSSEC. What if I don't like public CA certificates for email servers?
If you don't like it, don't use it. The IETF isn't the Network Police.
Will MTA-STS stay optional, or will it be "optional" like DKIM and SPF?
Given that it does something completely different and is intnded to protect mail you receive rather than mail you send, no.
Why don't we just deprecate MTA-STS and make DANE mandatory, while it is still possible?
It's an open secret that MTA-STS exists because one of the large mail providers doesn't want to use DNSSEC. The IETF is still not the Network Police so there's nothing we can do about it. R's, John