Internet Technologies 19 June 2014

Video: DANEs Don’t Lie – DANE/SMTP (RIPE 68)

Andrew Mcconachie
By Andrew McconachieFormer Intern

How can we secure communications between SMTP mail servers? Simply using TLS between servers will not prevent Man In The Middle(MITM) attacks. DNSSEC and DANE to the rescue! Using DANE, SMTP servers can validate X.509 certificates tied to TLS using DNSSEC lookups. In this lightning talk from Carsten Strotmann, learn how this all works and the current status of implementations. His talk, entitled “DANEs don’t lie – DANE/SMTP” is now available for viewing from the RIPE 68 site, and the slides are available for download.

CarstenStrotmannDANEsDontLie

After watching, check out our resources on DNSSEC and DANE.

Internet Technologies, To archive, Europe,

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Recent Posts

Related Posts

Internet Policy 3 April 2026

DNS Blocking: Mind the Unintended Consequences

As DNS blocking mandates multiply, so do concerns about security, the openness of the Internet, and fragmentation.

Rebuilding Trust 6 September 2024

US Government Networks Get a Security Boost: White House Roadmap Tackles Routing Vulnerabilities

The White House's Roadmap to Enhancing Routing Security is an important step toward strengthening routing security in the United...

Rebuilding Trust 14 May 2024

The US Makes a Big Step Toward Better Routing Security

The US Department of Commerce began implementing better routing security practices—a step in the right direction for wider MANRS...