Feature #201

DANE/TLSA support

Added by Georg Schmalhofer almost 5 years ago.

Status:NewStart date:05/13/2014
Priority:NormalDue date:
Assignee:Hiroyuki Yamamoto% Done:


Category:SecuritySpent time:-
Target version:3.5


Dear Sylpheed team,

posteo.de, a small German e-mail provider that recently received some attention because of its focus on protecting its users' privacy, has announced today that they implemented DANE (DNS-based Authentication of Named Entities) for encrypted transport of e-mails.

The concept sounds quite exciting and seems to be much safer than TLS/SSL, as certificates are verified using secured DNS entries, preventing MITM attacks or attacks using fake certificates:

Would it be possible to add DANE support to Sylpheed?
Posteo seems to be the first e-mail provider to use this protocol, but hopefully other providers will follow.

Some links:

DANE browser plugin with source code:

Posteo's press release (German):


Also available in: Atom PDF