|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Sahil Tandon (sahil
tandon.net)
Date: Fri Dec 26 2008 - 11:41:29 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Victor Duchovni wrote:
> On Fri, Dec 26, 2008 at 08:25:12AM -0500, Sahil Tandon wrote:
>
> > sean darcy wrote:
> >
> > > Victor Duchovni wrote:
> > >> On Mon, Dec 22, 2008 at 12:08:20PM -0500, Asif Iqbal wrote:
> > >>
> > >>> smtp_use_tls = yes
> > >>>
> > >>
> > >> This is obsolete. Set:
> > >>
> > >> smtp_tls_security_level = encrypt
> > >>
> > >> or better (given suitable CAfile or CApath):
> > >>
> > >> smtp_tls_security_level = secure
> > >>
> > >
> > > So where would you get the certificate to authenticate to google or
> > > 1and1.
> >
> > The smtp (client), as opposed to the smtpd (server), does not need a
> > certificate to authenticate to google.
>
> Irrelevant, an SMTP client that wants to verify Google's augthenticity
> needs the root CA certificate of the CA that signed Google's cert.
Agreed. My point is that a cert is *not* needed to authenticate to
Google's submission service. If, and only if, the client wants to
verify authenticity is the signing root's cert required.
> Yes the client does not need its own private keys and associated certs,
> but that is not the point.
It is not the point and thus was not alleged.
[...]
--
Sahil Tandon <sahiltandon.net>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]