On 3/14/19 10:08 AM, Stephan von Krawczynski via dovecot wrote:
> Some facts for you, as obviously you have not understood what a CA is worth that is compromised by either hackers or "authorities". If you want to know more, read articles about closing of CA DigiNotar, like: https://en.wikipedia.org/wiki/DigiNotar
I am well aware of what happens when a CA is compromised and man-in-the-middle attacks become possible. Your initial mail implied that the user's own keys would be compromised. Running your own CA is quite useless for asserting one's identity to random other mail servers as you'd have to get them all to trust you as a CA, with exactly the same problems as any other CA, with anonymity tacked on. DNSSEC would be wonderful if it was commonly supported, but we ain't there yet.
The point is that a cert from any currently recognized cert authority is *operationally* better than a snakeoil cert. The practical impact of your initial advice is "don't run a mail server".
Also, secrets don't last -- nobody trusts anything that came from DigiNotar. That will happen to any CA caught issuing bogus certs, regardless of for whom.
> Then read US export laws concerning security devices. Then judge your US-issued certs...
Totally orthogonal to the problem of mutual trust for mail handling.