It's irritating (to say the least) that we have a distributed information service (DNS) that so botched its security implementation that logical things like storing public keys now require a web server, running http (!) and allowing a GET on /.well-known/blah
Is there no alternatives to DNSSEC that would have allowed the equivalent of DANE to be provided somehow?
Blog author here, great question. I think HTTPS was chosen because, as an industry, we have exceptional knowledge of how to securely serve static web content. Some folks are using GitHub Pages for their mta-sts subdomain, for example. It's quite painless to set up and easy to reason about the security it provides.
Using TLS provided by the mail server may have been possible, similar to how the HSTS header is sent over the HTTPS connection. But unfortunately the MTA-STS policy if for the receiving domain (@example.com) and the receiving mail server may be run on a completely different domain. We need a signal that cryptographicly relates to the receiving domain.
It's irritating (to say the least) that we have a distributed information service (DNS) that so botched its security implementation that logical things like storing public keys now require a web server, running http (!) and allowing a GET on /.well-known/blah
Is there no alternatives to DNSSEC that would have allowed the equivalent of DANE to be provided somehow?
Blog author here, great question. I think HTTPS was chosen because, as an industry, we have exceptional knowledge of how to securely serve static web content. Some folks are using GitHub Pages for their mta-sts subdomain, for example. It's quite painless to set up and easy to reason about the security it provides.
Using TLS provided by the mail server may have been possible, similar to how the HSTS header is sent over the HTTPS connection. But unfortunately the MTA-STS policy if for the receiving domain (@example.com) and the receiving mail server may be run on a completely different domain. We need a signal that cryptographicly relates to the receiving domain.
Defaulting to SSL only is the easiest way. I'm surprised the industry has not moved on yet ... my mail server enforces SSL only.