Closed Stefan-MyBB closed 4 years ago
MTA-STS is planned, no ETA though. DANE is not planned, mostly because Node.js does not natively support resolving TLSA records.
See https://github.com/nodejs/node/issues/39569#issuecomment-1458963478. You can do this with 🍊 Tangerine.
const Tangerine = require('tangerine');
const tangerine = new Tangerine();
console.log(await tangerine.resolveTlsa('_25._tcp.internet.nl'));
[
{
cert: Buffer @Uint8Array [
e1ae9c3d e848ece1 ba72e0d9 91ae4d0d 9ec547c6 bad1ddda b9d6beb0 a7e0e0d8
],
mtype: 1,
name: 'proloprod.mail._dane.internet.nl',
selector: 1,
ttl: 622,
usage: 2,
},
{
cert: Buffer @Uint8Array [
d6fea64d 4e68caea b7cbb2e0 f905d7f3 ca3308b1 2fd88c5b 469f08ad 7e05c7c7
],
mtype: 1,
name: 'proloprod.mail._dane.internet.nl',
selector: 1,
ttl: 622,
usage: 3,
},
]
c-ares going to support this soon, see https://github.com/nodejs/node/issues/39569#issuecomment-1800107384
Are there plans to support DANE and/or MTA-STS?
Google already supports MTA-STS and Microsoft has announced support for DANE.