Re: [dane] [OT] Deployment news (Germany is plowing ahead)
Viktor Dukhovni <ietf-dane@dukhovni.org> Wed, 19 August 2015 15:17 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6EC101B2A9F for <dane@ietfa.amsl.com>; Wed, 19 Aug 2015 08:17:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.1
X-Spam-Level:
X-Spam-Status: No, score=0.1 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VlT4lrqrd-zu for <dane@ietfa.amsl.com>; Wed, 19 Aug 2015 08:17:15 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9BF631B2A95 for <dane@ietf.org>; Wed, 19 Aug 2015 08:17:15 -0700 (PDT)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 99FE1284DA0; Wed, 19 Aug 2015 15:17:14 +0000 (UTC)
Date: Wed, 19 Aug 2015 15:17:14 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: dane@ietf.org
Message-ID: <20150819151714.GV24426@mournblade.imrryr.org>
References: <20150728194641.GZ4347@mournblade.imrryr.org> <20150819111321.Horde.AMN770Q1K6o6vnZD0nEE9KN@webmail.kwsoft.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20150819111321.Horde.AMN770Q1K6o6vnZD0nEE9KN@webmail.kwsoft.de>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/ZN0wz5cLukgeiFYlsXVBXWkiHIg>
Subject: Re: [dane] [OT] Deployment news (Germany is plowing ahead)
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Aug 2015 15:17:21 -0000
On Wed, Aug 19, 2015 at 11:13:21AM +0200, lst_hoe02@kwsoft.de wrote: > FYI : According to the news today the next big deployment in germany is > on the way (german only, sorry) > > http://www.heise.de/newsticker/meldung/Kehrtwende-bei-Mail-Sicherheit-Web-de-und-GMX-fuehren-DANE-ein-2782473.html > > The two brands GMX and web.de affected do around half of the german freemail > traffic. Great news, thanks! Google's "translate" with minor fixes yields in part: At the time United Internet thought DANE "not yet fully mature" by comparison the "E-mail Made in Germany" initiative with Telekom and Strato, founded in August 2013. Therefore, the Emig partners decided to develop their own procedures, explains United Internet now. Since then DANE has attained "sufficient maturity". The launch is scheduled for completion by year end. In response to Heise Networks a company spokesperson explained that the DANE technology will be extended to other domains of the group, including the mail service 1und1.de which uses the same backend as Web.de and GMX. The hosting customers of United Internet are however on Exchange Technology, so DANE is not to be expected in the foreseeable future. The company starts with various additional domains with GMX and will then gradually upgrade the major domains as gmx.de, web.de, gmx.net. So it was easier to deal with any load or quality problems before they come in to customer constraints. I should note that one can publish TLSA records even for Exchange servers, SMTP servers don't need new software to support DANE inbound. Also, just because the mailboxes are on Exchange, does not mean the edge servers sending mail to the rest of the world need to be Exchange. And of course deployment on this scale should help to convince Microsoft to add the required outbound (SMTP client) DANE support. Existing DANE implementors (mostly hobbyists) will soon more quickly notice if they don't do key rollover correctly when they get no inbound mail from these (and I hope soon other similar or larger) providers. -- Viktor.
- [dane] [OT] Deployment news (Germany is plowing a… Viktor Dukhovni
- Re: [dane] [OT] Deployment news (Germany is plowi… Paul Wouters
- Re: [dane] [OT] Deployment news (Germany is plowi… Viktor Dukhovni