SMTP Security via Opportunistic DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS)
RFC 7672

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>,
    dane mailing list <>,
    dane chair <>
Subject: Protocol Action: 'SMTP security via opportunistic DANE TLS' to Proposed Standard (draft-ietf-dane-smtp-with-dane-19.txt)

The IESG has approved the following document:
- 'SMTP security via opportunistic DANE TLS'
  (draft-ietf-dane-smtp-with-dane-19.txt) as Proposed Standard

This document is the product of the DNS-based Authentication of Named
Entities Working Group.

The IESG contact persons are Stephen Farrell and Kathleen Moriarty.

A URL of this Internet Draft is:

Technical Summary

This document explains in  detail how MTAs (Mail-Transfer-Agent) use
TLSA records in setting up TLS protected sessions. This document is
based on implementation and deployment experience. The
document covers offers guidance on many corner cases in both in DANE
TLS setup as well in mail transport. 

This document has been implemented in two major MTA distributions, and
there is growing usage base. 

Working Group Summary

There has been good solid discussion on this document, there is strong
consensus about the whole document. 

Document Quality

The document is detailed and covers many corner cases some of with are
DNS related to email. The protocol specified here is tested in
practice and that is reflected in the document. The document educates
the readers about choices to avoid pitfalls in implementations and operations. 
Email people are encouraged to review the document. 
It is helpful to read this document along with its companion document
draft-ietf-dane-srv-xx.  The two document cross reference
each other to avoid duplication. 


Document Shepherd: Olafur Gudmundsson
Area Director: Stephen Farrell