Changes between Initial Version and Version 1 of Ticket #16896, comment 2
- Timestamp:
- Apr 4, 2021, 3:36:51 AM (4 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #16896, comment 2
initial v1 1 As far as Iam aware DKIM without DNSSEC doesn't work, since there is no trusted way the public key can de gotten.1 As far as I am aware DKIM without DNSSEC doesn't work, since there is no trusted way the public key can de gotten. 2 2 3 3 DANE is basically either a hash of the TLS certificate or a certificate anchor in a TLSA record to verify against, this is for TLS certificate verification. Many mail servers fo not even have a ca root certs bundle as a potential alternative, so either do DANE or no validation.
