|
|
|
|
|
|
by soetis1
3737 days ago
|
|
|
The draft is very clear about DANE being preferred from both a security and deployment perspective (does't need to get certificates for all hosted domains). Sure, if DNSSEC fail, then SMTP-STS is better than nothing. I'm pretty sure that the big providers could have had deployed DNSSEC relatively easily, if they just wanted to. I think other DNS-based email security features such as DKIM and DMARC motivates DNSSEC as well. |
|
|