From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from forward105p.mail.yandex.net ([77.88.28.108]) by ewsd; Tue Jul 21 09:11:02 EDT 2020
Received: from mxback7j.mail.yandex.net (mxback7j.mail.yandex.net [IPv6:2a02:6b8:0:1619::110])
	by forward105p.mail.yandex.net (Yandex) with ESMTP id 3C5EA4D40374
	for <9front@9front.org>; Tue, 21 Jul 2020 16:02:45 +0300 (MSK)
Received: from sas2-e7f6fb703652.qloud-c.yandex.net (sas2-e7f6fb703652.qloud-c.yandex.net [2a02:6b8:c14:4fa6:0:640:e7f6:fb70])
	by mxback7j.mail.yandex.net (mxback/Yandex) with ESMTP id UkV8mgnBKv-2j6aYDga;
	Tue, 21 Jul 2020 16:02:45 +0300
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.com; s=mail; t=1595336565;
	bh=MnYYWvx9qL0x3HW1ut1qY4dXBtyqe3HY0uwFsUPdxJ8=;
	h=In-Reply-To:Subject:To:From:References:Date:Message-ID;
	b=L+HTodPNPSbgmPQnkDBkEvmrGBjcQkcvnA1FlKNGOtcrrq1Fv9ilPcAcnKYy/xcR4
	 3m5aBlQH3Zh0g+t53oOztZuLD+53d0sQWs4cUSwp1fYZWsnKf1oR5HquhdLrerRQ8B
	 mDKarFxA655s5hr5dUEV8DDZfW5bNrdaFqEXI5xA=
Authentication-Results: mxback7j.mail.yandex.net; dkim=pass header.i=@yandex.com
Received: by sas2-e7f6fb703652.qloud-c.yandex.net (smtp/Yandex) with ESMTPSA id zRtGpGPUz4-2iEqMgSt;
	Tue, 21 Jul 2020 16:02:44 +0300
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	(Client certificate not present)
Date: Tue, 21 Jul 2020 15:02:43 +0200
From: Steffen Nurpmeso <sdaoden@yandex.com>
To: 9front@9front.org
Subject: Re: [9front] patch smtp: ignore unrecognized certificates
Message-ID: <20200721130243.wCkC4%sdaoden@yandex.com>
In-Reply-To: <20200720221909.GB55786@wopr>
References: <20200720220016.lADRh%sdaoden@yandex.com>
 <6D952754AB9D27E80055574342EDA465@eigenstate.org>
 <20200720221909.GB55786@wopr>
Mail-Followup-To: 9front@9front.org
User-Agent: s-nail v14.9.19-87-gef7dc32e
OpenPGP: id=EE19E1C1F2F7054F8D3954D8308964B51883A0DD;
 url=https://ftp.sdaoden.eu/steffen.asc; preference=signencrypt
BlahBlahBlah: Any stupid boy can crush a beetle. But all the professors in
 the world can make no bugs.
List-ID: <9front.9front.org>
List-Help: <http://lists.9front.org>
X-Glyph: ➈
X-Bullshit: encrypted API DOM-aware locator 

Kurt H Maier wrote in
<20200720221909.GB55786@wopr>:
 |On Mon, Jul 20, 2020 at 03:05:15PM -0700, ori@eigenstate.org wrote:
 |>> In November 2019 they waved through RFC 8689:
 |> 
 |> Nice, with luck we'll be able to turn it on by 2029 :)
 |
 |It is a failure of the IETF process that this sort of crap (which
 |recommends MTA-STS) is shoved through while taking extremely simple
 |steps like "standardizing an SMTP+TLS port" is regarded as impossible.
 |I suggest the current approach (manually confirming fingerprints or else
 |declaring them irrelevant) is superior in just about every way.

Yes.  Luckily "SUBMISSIONS" on 465 is finally also standardized.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)