test message
/dev/rob0
rob0 at gmx.co.uk
Wed Apr 11 13:43:21 UTC 2018
On Wed, Apr 11, 2018 at 08:58:56AM -0400, Thomas Markwalder wrote:
> User states list isn't working.
I think what wasn't working was https://lists.isc.org/ , because the
SSL certificate was expired. This has since been fixed. I posted
about that to the BIND list last night, and DANE (RFC 6698) did not
fail,
Apr 11 00:12:28 harrier postfix/smtp[1273]: Verified TLS connection
established to mx.pao1.isc.org[149.20.64.53]:25: TLSv1.2 with cipher
ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
But then, AFAIK DANE only cares about the RRSIG on the TLSA record,
not about a certificate's own expiration, so a DANE connection can
still be "Verified" while the certificate is expired.
If this doesn't arrive on the list right away it might mean that
ISC's TLSA records were not updated yet for the new certificates. :)
--
http://rob0.nodns4.us/
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
More information about the dhcp-users
mailing list