[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
Errata Search| www.rfc-editor.org
The Authenticated Received Chain (ARC) protocol provides an authenticated "chain of custody" for a message, allowing each entity that handles the message to see what entities handled it before and what the message's authentication assessment was at each step in the handling. ARC allows Internet Mail Handlers to attach assertions of message authentication assessment to individual messages. As messages traverse ARC-enabled Internet Mail Handlers, additional ARC assertions can be attached to mes...| IETF Datatracker
SMTP MTA Strict Transport Security (MTA-STS) is a mechanism enabling mail service providers (SPs) to declare their ability to receive Transport Layer Security (TLS) secure SMTP connections and to specify whether sending SMTP servers should refuse to deliver to MX hosts that do not offer TLS with a trusted server certificate.| IETF Datatracker
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
A number of protocols exist for establishing encrypted channels between SMTP Mail Transfer Agents (MTAs), including STARTTLS, DNS- Based Authentication of Named Entities (DANE) TLSA, and MTA Strict Transport Security (MTA-STS). These protocols can fail due to misconfiguration or active attack, leading to undelivered messages or delivery over unencrypted or unauthenticated channels. This document describes a reporting mechanism and format by which sending systems can share statistics and speci...| IETF Datatracker
Public Key Infrastructure using X.509 (PKIX) certificates are used for a number of purposes, the most significant of which is the authentication of domain names. Thus, certification authorities (CAs) in the Web PKI are trusted to verify that an applicant for a certificate legitimately represents the domain name(s) in the certificate. As of this writing, this verification is done through a collection of ad hoc mechanisms. This document describes a protocol that a CA and an applicant can use to...| IETF Datatracker