[dane] Comcast - Outbound DANE Announcement (comcast.net)

"Brotman, Alexander" <Alexander_Brotman@comcast.com> Tue, 18 July 2017 17:45 UTC

Return-Path: <Alexander_Brotman@comcast.com>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F309131B61 for <dane@ietfa.amsl.com>; Tue, 18 Jul 2017 10:45:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9vQkX7wVTO7A for <dane@ietfa.amsl.com>; Tue, 18 Jul 2017 10:45:45 -0700 (PDT)
Received: from copdcmhout02.cable.comcast.com (copdcmhout02.cable.comcast.com [96.114.158.212]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C389512EAB0 for <dane@ietf.org>; Tue, 18 Jul 2017 10:45:45 -0700 (PDT)
X-AuditID: 60729ed4-f3fff70000007520-91-596e4947623d
Received: from COPDCEX23.cable.comcast.com (Unknown_Domain [96.114.156.147]) (using TLS with cipher AES256-SHA256 (256/256 bits)) (Client did not present a certificate) by copdcmhout02.cable.comcast.com (SMTP Gateway) with SMTP id 11.D3.29984.7494E695; Tue, 18 Jul 2017 11:45:45 -0600 (MDT)
To: undisclosed-recipients:;
Received: from COPDCEX19.cable.comcast.com (147.191.124.150) by COPDCEX23.cable.comcast.com (147.191.124.154) with Microsoft SMTP Server (TLS) id 15.0.1293.2; Tue, 18 Jul 2017 11:45:42 -0600
Received: from COPDCEX19.cable.comcast.com ([fe80::3aea:a7ff:fe36:8380]) by COPDCEX19.cable.comcast.com ([fe80::3aea:a7ff:fe36:8380%19]) with mapi id 15.00.1293.002; Tue, 18 Jul 2017 11:45:42 -0600
From: "Brotman, Alexander" <Alexander_Brotman@comcast.com>
Thread-Topic: Comcast - Outbound DANE Announcement (comcast.net)
Thread-Index: AdL/5/3JDv+KMVXPQ3KbzNmnXowQGg==
Date: Tue, 18 Jul 2017 17:45:41 +0000
Message-ID: <695f29bd8ecb4e9da71249f24340166f@COPDCEX19.cable.comcast.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [68.87.29.9]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Forward
X-Brightmail-Tracker: H4sIAAAAAAAAA11TYWwTVRz33V3LrfS523Vt3+pYxhFDFJl1mrgwogsftIgmIyEs5YPs2j3X ptdruWvZZowh/QBCmmizKLA5mTgWhSGZODMFGRQMKX5gwgIExofJYnRjyRAjbiHivd7duPrl 7n+/3/u93+//f/dYmv+xzMdG5RRWZFES7A6mVfm0e+3GjXLQ/0k/23B3aoxpOH0xZ2uiAgMD C1RganEKNFPbHOvbsBTdiZXnX2l1RBaPrUpes3cWds+CXeCobR8oYxH3Euo9cZjeBxwsz31J odGTB5YRopKrRn29d2w6kQdo788fGh8FgOZu/FSU27l1aO7RHprULq4RZU/eALq6Cf061G3s VIce5s4V1zDc0+j6bLa4BnJvoHvXJyhSA86DHlwaKtY050U3pw9RejwODZy+TOu1G/1x518j th+NHDnD6HUNGlyYpHXtc6j/1J92vV6DBj+fpXWvClQ4OG2s96LzF0ZtHwF3j8WuxyLvsch7 LPJ+wBwFNeFEsi0cjyTSKX99XVgMSbgunIiHRTVF3t+A4ul8NjEKru4P5AHHAsEJJxxykLeJ O9WueB7EWEpww5FVGvRkKNHWFRHVyHYlLWFVqIRbGjUYLsGhtBQTfHDsdQ11LaEy7lAlnNJ+ B6EGHrbHgrx3iVPTajIajibS6va0Imknx9LatmOvkW3bxK53sZLQzfLgKZYRvJCh40GeaxdT OIZxEism28GyAoK9AU1YoeB23PlOVEqZtKb7oZPorEwx7Aq4qVkjPFbCknclbLwQDfI+K/3/ yBRblgftrFPLPUzsoZoU42q03bB2wXEyJKeJFm2rYJrMiDdBi+UKuHWZNiKPSZXaXQI5wGbm v/2LYj84sPA3xc6QJ8/ICRn7vPB9sitHpJG0vNS+zwMLm1uDfLmFIDF81TBLcLcFf5zEVwt/ J2yVhS0NY17tGRDW/hsXvEzcndrFf9w9D7MEXG6AxeaR3nyFgVl6r4ZB0rvbYErdZrQhU9qQ XW9JZMgpMWUd8iRBnSZqDPkKAXkTLBnyfkJ5TKrUybcLNFC/DFa+eT+w+/jw5M1nul7+emT5 hpY1akvmSuCf6b2Zjr6Vbx8sz60/++rtqtDqWP4r/GI9fetB+XcPN+W8wfkz94eO3c1c3JY4 Mf/e5kU5e36Hf/z7LHVo+Ej3x/m+pnhZb2aPB9c+2qD2/XbrnmBvqR3/QgltfWLdnNNfv6Mp 21wQGDUivvAsrajif0daRn1QBQAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/r_NlwJSPpEyKpDMnYQZQSZb3qWA>
X-Mailman-Approved-At: Tue, 25 Jul 2017 04:52:12 -0700
Subject: [dane] Comcast - Outbound DANE Announcement (comcast.net)
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jul 2017 17:45:47 -0000

Hello,

Some time ago, Comcast rolled out TLSA records for senders to utilize when sending to "comcast.net" recipients, allowing senders to authenticate the certificates presented by our MTAs.   In continuing support for DANE, we intend to deploy pilot code for outbound DANE this week, allowing us to do the same for traffic coming from our platform destined for other sites.  We will pilot this with a few chosen domains that we've contacted and have made aware of our plans.  Once we feel more comfortable with this, we will remove the restrictions and attempt DANE for all destination domains (with an exemption list for known-broken destination domains).  If you would like to submit your domain to be part of the pilot, please drop me a note off-list.

--
Alex Brotman
Sr. Engineer, Anti-Abuse
Comcast
x5364