'DANE for SMTP' (RFC7672) became an Internet Standard in October 2015. The year before that, Posteo.de and Unitymedia.de had become the first ISPs to deploy DANE on their mail platforms serving millions of customers. Their engagement for secure and downgrade resistant mail transport paved the way for wider adoption of DANE and helped to make DANE become an IETF standard.

What started as a nerdy feature for security freaks has become mandatory part of Germanys Federal Office for Information Security (BSI) Technical Guideline „TR-03108 Secure EmailTransport“ – the standard for certified secure SMTP server in Germany. Besides the Dutch Standardisation Forum put 'DANE for SMTP' on the comply-or-explain-list in 2016 making it an compulsory standard for governments when investing in new ICT-systems for email. DANE is also one of the standards that the Dutch Internet Standards Platform is promoting and that can be tested for on their website Internet.nl.

DANE deployment has been monitored world-wide from the start. This presentation will give facts, figures and advice what it takes to run a modern, secure and stress-free SMTP server with DANE. Furthermore the Dutch ISP XS4ALL will share its experience with 'DANE for SMTP'.

Presentation

Here you will find the slides of the talk.


Details

time: 11:30
speakers: Gerben Klein Baltink

Other sessions:

IoTHoney: Open Source IoT Honeypotting


Disrupting Financial Cybercrime


Let’s Update the Way we Do Updates


Constraints for Code: an Economic Analysis of Policies for Secure Digital Products