Re: [dane] Fwd: New Version Notification for draft-york-dane-deployment-observations-00.txt

Viktor Dukhovni <> Fri, 14 November 2014 16:20 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 1A9D41A1A9B for <>; Fri, 14 Nov 2014 08:20:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 5juQyip5wE5y for <>; Fri, 14 Nov 2014 08:19:58 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 975491A1A88 for <>; Fri, 14 Nov 2014 08:19:58 -0800 (PST)
Received: by (Postfix, from userid 1034) id 72B54282FBE; Fri, 14 Nov 2014 16:19:57 +0000 (UTC)
Date: Fri, 14 Nov 2014 16:19:57 +0000
From: Viktor Dukhovni <>
Message-ID: <>
References: <> <> <>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.5.23 (2014-03-12)
Subject: Re: [dane] Fwd: New Version Notification for draft-york-dane-deployment-observations-00.txt
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS-based Authentication of Named Entities <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 14 Nov 2014 16:20:01 -0000

On Mon, Oct 27, 2014 at 11:32:23PM +0000, Viktor Dukhovni wrote:

> Out of ~280 domains that have TLSA RRs, 10 or so had erroneous
> records:

On a more positive note, my (not comprehensive) list of working
SMTP with DANE domains crossed the 360 mark today.  So for SMTP
"Deploy 360" is done.  :-)

Top 10 SMTP with DANE TLDs:

 121 de.
  67 net.
  35 org.
  34 com.
  15 eu.
  13 ch.
   9 cz.
   5 uk.
   5 nl.
   5 info.

As I mentioned before, many of net/com/org/eu/info domains are in
fact registered by DE domain owners, so deployment is still
substantially a DE phenomenon.  It would be good to get some traction
in other jurisdictions.  In Germany and other IT trade
publications have written about DANE, and there have been presentations
at multiple technical conferences for users.  So DANE awareness is
growing there.

Perhaps there could be some similar articles in the US IT press?
Do people still read the US trade rags?  Perhaps it would be easier
to market DANE to users if more MTAs than just Postfix had implementations.  

I'm working with the Exim developers, and they are close to having
it done.  It would be nice to have Microsoft also ship a DANE-capable
Exchange SMTP server, and of course Sendmail.

After that it is support in the various SMTP appliances, IronPort
Barracuda, ... and last but not least the big providers,
Gmail, Yahoo, AOL, ...

I hope this will move faster once the draft is published as an RFC,
but some additional marketing may be helpful if anyone on this list
can pitch implementation to people in a position to make progress