From 668d8477199b901515e9de79341568b13cdb4521 Mon Sep 17 00:00:00 2001 Message-Id: <668d8477199b901515e9de79341568b13cdb4521.1714923121.git.mdw@distorted.org.uk> From: Mark Wooding Date: Wed, 4 Jul 2018 18:16:47 +0100 Subject: [PATCH] distorted.lisp: Include the correct TLSA record details for SMTP. Organization: Straylight/Edgeware From: Mark Wooding Thanks to Viktor Dukhovni for pointing out that I'd done it wrong. --- distorted.lisp | 9 +++++++-- keys/smtps-stratocaster.pub | 11 +++++++++++ keys/smtps-telecaster.pub | 11 +++++++++++ 3 files changed, 29 insertions(+), 2 deletions(-) create mode 100644 keys/smtps-stratocaster.pub create mode 100644 keys/smtps-telecaster.pub diff --git a/distorted.lisp b/distorted.lisp index bbf0657..22f6726 100644 --- a/distorted.lisp +++ b/distorted.lisp @@ -161,8 +161,13 @@ (defzone distorted.org.uk #p"https-stratocaster"))) (www-cache :tlsa (3127 #1=(:trust-anchor-assertion :certificate :sha-256 #p"distorted-ca"))) - ((bugs lists) :tlsa (:smtp #1# #3#)) - (mail :tlsa ((:smtp :submission :imap :imaps) #1# #2#)) + (mail :tlsa ((:submission :imap :imaps) #1# #3#)) + (mail :tlsa (:smtp #1# + (:domain-issued-certificate + :public-key :sha-256 #p"smtps-stratocaster"))) + ((bugs lists) :tlsa (:smtp #1# + (:domain-issued-certificate + :public-key :sha-256 #p"smtps-telecaster"))) :svc #+view/inside stratocaster.colo #-view/inside stratocaster.jump (cabal :svc stratocaster.colo :sshfp "stratocaster") diff --git a/keys/smtps-stratocaster.pub b/keys/smtps-stratocaster.pub new file mode 100644 index 0000000..f08b2f9 --- /dev/null +++ b/keys/smtps-stratocaster.pub @@ -0,0 +1,11 @@ +-----BEGIN PUBLIC KEY----- +MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAwFUG0fmKRxnAHk97NiWT +lQ7xvTTdtQ/MYWC4uaB1tBcVg8mWufCR5PyP2aqqoZgL4mDeKw5j5XP+8B/qETZ0 +LuGtVTXoWY7scb8RJN9il44fUkxYt2fu9hbTkf+/oHiaiRKuPhcj1B45aPaWqCF0 +FOLmXNf31x38SjRP3s3url9trVu3srpLj/Phd5VB8lGW7/4yPLccQVWfan+uH//p +TKQ+x9FBL+K+nc1mt7reXYAb1VQ1vbGoginItsZ6HCkkOg6HD1G82uEPZEdByU8w +GWqIwfxXLNleAs1CJKXf4s8UY1WdanyHnDrhx0+ktCzGBUQUTwVhg6et9dnNG06E +GCpoiyFNYHtrrzYH4xuh0kLHvwc4w81Jocbi6W1afCA1JEFfuSZIxAfqFKl4BIbJ +2zTyIIpcyw8di9FJxh2xn2ThM3WxuFp+p0c+Iq2OI4qOcQhQBl9iB0ozAfIar7Ho +cCIg130xHF/F5xcIaqKM/KAVYsd/oylvMsV6Ccart84/AgMBAAE= +-----END PUBLIC KEY----- diff --git a/keys/smtps-telecaster.pub b/keys/smtps-telecaster.pub new file mode 100644 index 0000000..9ba1c1a --- /dev/null +++ b/keys/smtps-telecaster.pub @@ -0,0 +1,11 @@ +-----BEGIN PUBLIC KEY----- +MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAnYTlw+AHWS/YXfQPJLL3 +uzpKvLmNBhOVcf4WbyOEuSecfMHposgzdzBkKDv90zDUFkwkUs9PLsu2ofCdORUQ +qeE66NjGUYlyZZKmfYl3VRKmuRmxbuB9Ii/6EwIs1AZ0eSCIFJ4kNK3LGRcRhgbc +xIYxJq9oNI4j11odKUMEZ9+beP6Ozdjk4XTnAB88POOnkDHuMd0hxLf7cnYMu3Gj +gWhSRXCV5NZKbfpz81r3tluaxiK47Mz0Re9meJtBrhU+LiMq05NuouV/pIAF+OHx +bNzrQlKsf0edXpLgXD1/0yFndx1DTdeMjTl2HKPQJmax1Lp21q1eQ+tDwXqDf54Z +6wYJHLvT08mGmr6ZKBD1c/8ak9LTq6ul0Brhz6pwNeEBGbvAAiNn/KyyQn3m1JHf +XdqvoT2bbXil3139JnqlzqwF3fKtNG6SJ1X9KyrYEK+uq8CFLrUIeaVL8wU9ewsn +4rbQU4zNAWrFkUfIiMeXfOf7E6yymKSB7r8ysWSku/H1AgMBAAE= +-----END PUBLIC KEY----- -- [mdw]