[openssl-users] OpenSSL version 1.1.0 pre release 6 published
Viktor Dukhovni
openssl-users at dukhovni.org
Fri Aug 5 02:51:09 UTC 2016
On Fri, Aug 05, 2016 at 04:33:25AM +0200, Jakob Bohm wrote:
> I haven't read that proposal, but if the HTTPS server has to use the
> same host name as the SMTPS server, then the SMTPS server could just
> use the certificate directly.
There is at best a very tenuous analogy between TLS for HTTP and TLS
for SMTP. So your suggestions miss the mark, unfortunately. :-(
First and forement TLS in SMTP is opportunistic, and compounding
that the destination hosts are discovered indirectly via MX records.
For a more detailed exposition, see:
https://tools.ietf.org/html/rfc7672#section-1.3
[ Or just take my word for it, you are likely busy enough with
other things that I know very little about. ]
--
Viktor.
More information about the openssl-users
mailing list