[dane] Comcast - Outbound DANE Announcement (comcast.net)

"Brotman, Alexander" <Alexander_Brotman@comcast.com> Wed, 19 July 2017 14:31 UTC

Return-Path: <Alexander_Brotman@comcast.com>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 22FEB131C73 for <dane@ietfa.amsl.com>; Wed, 19 Jul 2017 07:31:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D9-4iotbwWwy for <dane@ietfa.amsl.com>; Wed, 19 Jul 2017 07:31:05 -0700 (PDT)
Received: from copdcmhout02.cable.comcast.com (copdcmhout02.cable.comcast.com [96.114.158.212]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 515911318A3 for <dane@ietf.org>; Wed, 19 Jul 2017 07:31:05 -0700 (PDT)
X-AuditID: 60729ed4-f3fff70000007520-8b-596f6d279109
Received: from COPDCEX18.cable.comcast.com (Unknown_Domain [96.114.156.147]) (using TLS with cipher AES256-SHA256 (256/256 bits)) (Client did not present a certificate) by copdcmhout02.cable.comcast.com (SMTP Gateway) with SMTP id 5C.CB.29984.72D6F695; Wed, 19 Jul 2017 08:31:04 -0600 (MDT)
Received: from COPDCEX19.cable.comcast.com (147.191.124.150) by COPDCEX18.cable.comcast.com (147.191.124.149) with Microsoft SMTP Server (TLS) id 15.0.1293.2; Wed, 19 Jul 2017 08:31:02 -0600
Received: from COPDCEX19.cable.comcast.com ([fe80::3aea:a7ff:fe36:8380]) by COPDCEX19.cable.comcast.com ([fe80::3aea:a7ff:fe36:8380%19]) with mapi id 15.00.1293.002; Wed, 19 Jul 2017 08:31:02 -0600
From: "Brotman, Alexander" <Alexander_Brotman@comcast.com>
To: "dane@ietf.org" <dane@ietf.org>
Thread-Topic: Comcast - Outbound DANE Announcement (comcast.net)
Thread-Index: AdMAm4J0mX+hxnD6SFKz6FjdP3IoQQ==
Date: Wed, 19 Jul 2017 14:31:01 +0000
Message-ID: <7c7ccefb29d348c2bae363a6ac47b7de@COPDCEX19.cable.comcast.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [68.87.29.11]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Forward
X-Brightmail-Tracker: H4sIAAAAAAAAA11TXUwUVxj1zsyuA+7VYZbdvUyB6hitUkVq+9DYpjFNatTEqtHErJrIsAzs yuzOZmYWxAdDaNI2/iQQbHHxB2iof6gPIkaiWZLVhGLSqkjUqH0QIVGUREFtiC16784OzvZp vjnnnnvO9917WZrvzBLYUMSQtYikiM5splQ70rR0UVj1lwwNFn15pa/RsRKs7uiYpDaArdlf l8tKqFrWln1Tmh38Y+wtHU3M3HXx1AG6DtQ594IsFnFfoM6BLsdekM3y3EkK9TY+p8yfJEC3 fmmdaf70A3T22HkHkTi5FWjs3U80qXO5+aj7bg9Fajf3FdrfdQ+Y+Eo0dKYJi1lcF6Ox2xtJ yXAL0OjharICcmvRRPxBSgk4L/rn+plUTXM+dH+4lTLDcajjyg3arD3o6eMph1mXoO7fEwzZ EnEfo5dH09IlqO3yuNOsP0XH25/RplUO6o8PM6bUh65eu+RoAJ4Wm1uLTd5ik7fY5G2AOQ0K A2q0PBAOqjGjZHlxQCpT5OKAGg5IukG+50HqRI4NXgK3m1cnAccC0QXHg6qfd0jVem04CapY SvTAIxBDs8vU8tqgpAd3aDFF1sVcOLAVw3AaLospVaIAFyoYdU+jEblGV2QDXwGxEH47EfHz vmlOj+nRUCCkxvQdMU3BR8jSeFtpO9m2XKrdLWuqaZYEH7GM6IMMHfbzXKVkyFWyHJU1i61h WRHBX6uwMEeTK+VdFSHFsGisi/dhX87OpMIWwO8UTHjthC3vPNhUgWnBTv8/MsVmJUEl68K5 HxF7qEelsB6qTFu74Y1tGHVZaMo2D84gS3kLtFkWwC1kRF6LyrS7DvYBtv7FhVcU+/OhyTcU z0TUiCz44CdkP46IgrHIdOOCF/ZvLPXzc2wECSDkw/0E99jwDxmEufAJYfNsbGYM6yGPggC+ MW64mJy4Cz/zD33zsJBEmpUGU20jmJM6oDRm6zofVpCuPWkm020Uj5fC43WvU8h4Dcmwj/ch QV0Wmh7vAAF5C8wYbzOhvBaV6STUAbm+s2Fky+et5x6fuwD6TnTSy48enLjau2nfzj1/9t75 73Dbij3O9oN9i2esN/5q+DHe/Vu7L//t8e1TCzZ7i143NK9qrKifO+Sac3PR1MXEtvt5I/F/ d04eqt+9bn1344OpRKLn5uC9VtRf01vU4/k+WfODRs/u+nt8eNbI2gMvruUWrBFERg9KnxXR mi69B6y967w+BQAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/nj_8u7aTNqGBws9NIqlV5sQ0JUQ>
Subject: [dane] Comcast - Outbound DANE Announcement (comcast.net)
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Jul 2017 14:31:07 -0000

(Previously sent to the dane-users@sys4 list, but thought this might also be good for visibility/notice)

Hello,

Some time ago, Comcast rolled out TLSA records for senders to utilize when sending to "comcast.net" recipients, allowing senders to authenticate the certificates presented by our MTAs.   In continuing support for DANE, we intend to deploy pilot code for outbound DANE this week, allowing us to do the same for traffic coming from our platform destined for other sites.  We will pilot this with a few chosen domains that we've contacted and have made aware of our plans.  Once we feel more comfortable with this, we will remove the restrictions and attempt DANE for all destination domains (with an exemption list for known-broken destination domains).  If you would like to submit your domain to be part of the pilot, please drop me a note off-list.

--
Alex Brotman
Sr. Engineer, Anti-Abuse
Comcast