Results DANE for SMTP Survey
Moritz Müller
moritz.muller at sidn.nl
Mon Nov 29 10:56:16 CET 2021
Hi all,
A while ago we’ve asked the members of this mailing list to fill in a survey about DANE management.
First of all: Thanks to everyone who filled in the survey!
We’ve processed the results which are now part of our paper "Under the Hood of DANE Mismanagement in SMTP”, which is going to be published at usenix security [1].
Overall, we see that the vast majority of domain names that outsource their SMTP server (which is the majority of all domain names) configure DANE correctly.
Self hosted SMTP servers, however, are misconfigured frequently.
Especially keeping the TLSA records from a name server and certificates from an SMTP server synchronized is not straightforward.
You can read the full abstract and paper here [1].
—
Moritz
[1] https://www.usenix.org/conference/usenixsecurity22/presentation/lee
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://mail.sys4.de/pipermail/dane-users/attachments/20211129/819b2698/attachment.asc>
More information about the dane-users
mailing list