[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: home server for email box

On 2023-03-12 07:21:55 +0100, tomas@tuxteam.de wrote:
> On Sat, Mar 11, 2023 at 11:43:35PM +0100, Vincent Lefevre wrote:
> > But what's the point of a certificate in this particular case
> > (the server bendel.debian.org does not need to authenticate
> > the client)?
> 
> It is just part of the TLS protocol. You might configure your mail
> server to present a certificate to its peers. The usual TLS stuff,
> just wrapping SMTP.

Yes, but here, that's optional. So I'm wondering whether you really
miss anything. Note also that a client certificate may be sent only
if it is requested by the server, and if client certificates are
requested, then there are issues with some clients:

http://www.postfix.org/TLS_README.html#server_vrfy_client

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
Reply to: