author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:18:56 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:18:56 +0000 |
commit | b7c15c31519dc44c1f691e0466badd556ffe9423 (patch) | |
tree | f944572f288bab482a615e09af627d9a2b6727d8 /TLS_TODO | |
parent | Initial commit. (diff) | |
Adding upstream version 3.7.10. (refs: upstream/3.7.10, upstream)
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'TLS_TODO')
-rw-r--r-- | TLS_TODO | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/TLS_TODO b/TLS_TODO new file mode 100644 index 0000000..0559010 --- /dev/null +++ b/TLS_TODO @@ -0,0 +1,39 @@ +This list does not really follow priority. + +* Code cleanup: split smtp_session.c into generic SMTP, legacy TLS, + and current TLS. The amount of TLS code now dominates the file. + Do this after all other code revisions stabilize, to avoid + complicating code reviews. + +* Code cleanup: TLS_LEV_NOTFOUND no longer belongs in the TLS + library. It is an SMTP-client only feature. To fix, change the + policy lookup API and use a different method to indicate if a + policy was found. At the same time, fix policy lookup to initialize + session->tls_level. + +* Code cleanup: see if multiple consecutive switches can be aggregated + (set_cipher_grade() and session_tls_init()). + +* Implement support of CRL checking. OpenSSL 0.9.7 finally supports CRLs, + so Postfix/TLS should support loading CRLs. + +* Cleanup the "pfixtls" special logging, so that it fits Wietses original + "per site" decision to make debugging easier. + +* Move TLS based information from separate lines into Postfix's smtpd + logging lines to make logfile analysis easier. + +* Check the "info_callback" for sensitive use. I already had to remove the + "warning alert" issued on normal shutdown. Why is a warning issued for + a normal shutdown?? + +* Introduce new tls_per_client table to achieve the same selective behaviour + for incoming connections. + +* Introduce better support for "opportunistic" encryption: collect information + about peers connecting; log warnings when the key changed etc. + [I am not sure that I already have the best answers available.] + +* Find a way to use the certificates themselves instead of the fingerprints + to allow certificate based relaying. The maintenance of the fingerprints + is a nightmare. |
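Review bot: The CRL item ("OpenSSL 0.9.7 finally supports CRLs, so Postfix/TLS should support loading CRLs") justifies the work by a library milestone but does not say what behaviour is wanted: where the CRLs are loaded from, and whether a missing or expired CRL should fail the handshake or be ignored. Since this file is added as part of version 3.7.10 per the commit message, consider restating the item in terms of that behaviour instead of the OpenSSL release. The same gap affects the last two items: "log warnings when the key changed" and "use the certificates themselves instead of the fingerprints" both describe trust decisions, yet neither says what the client or server should do after the warning or on a certificate mismatch. The first-person remarks ("I already had to remove the "warning alert" issued on normal shutdown", "[I am not sure that I already have the best answers available.]") carry no author or date, so a reader cannot tell whose open question they record; adding an attribution line near "This list does not really follow priority." would fix that. Minor: "Wietses original" is missing the apostrophe ("Wietse's").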