STARTTLS Certificate/Key Management

From: rbhasin@hss.hns.com
Date: Thu Apr 03 2003 - 08:34:34 EST


Hi,

We are running sendmail on our mail gateway server and are planning to use TLS for
exchanging encrypted mails with one of our customers. As per my understanding, we
need to have Client (make connection) and Server (accept connection) keys and
certificates at both ends (though the server and client certificates and keys
can be the same), which can be generated using software packages like openssl.
Now my queries are:

1) For this to work, do we need to exchange the public keys, i.e. our certs?
If yes, how are these certificates exchanged and used?
2) Do these certificates and keys at both ends need to be certified by a
common CA trusted by both parties, so that the verification result is OK, i.e. the
certificates are verified?
3) How is the verification of the keys/certificates done by STARTTLS? How do
STARTTLS, and hence sendmail, use the keys and certificates to encrypt mails?
4) Do we need to explicitly specify with whom we need to communicate
using TLS, i.e. by making entries into the access database of the form:
TLS_Srv:customer.mailserver.domain
TLS_Clt:customer.mailserver.domain
or else will the sendmail server try to use TLS with every mail server that it
communicates with, and if any of the servers supports TLS, start
communicating using TLS and sending encrypted mails?

Any help in order to clear my doubts would be highly appreciated.

Thanx in Advance

Regds,
- Rajan
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers



This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:26:07 EDT