Stumbled upon this interesting thing today:
https://starttls-everywhere.org/policy-list/.
I believe it is important for MTA-STS-based MX authentication since MTA-STS has
a trade-off related to downgrade-resistance. This list, being similar to the
preload list for HSTS[1], can compensate for that. I think chasquid can gain
support for using this list as a secondary reference for TLS enforcement
status. chasquid is about security, right?
Btw, I am planning to implement its support in maddy too[2] and will
publish a library for working with it (likely alongside the currently
internal maddy MTA-STS library). In case you are interested.
[1]: https://src.chromium.org/viewvc/chrome/trunk/src/net/http/transport_security_state_static.json
[2]: https://github.com/foxcpp/maddy/issues/180
--
Cheers,
Max Mazurov
https://foxcpp.dev
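
The idea in the message above, sketched as an added example (not code from chasquid, maddy or the list's maintainers): when no MTA-STS policy is cached for a domain, an unexpired preload entry supplies the enforcement decision. The type layout, the function names, the leading-dot MX pattern convention and the sample entry are all assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// Policy holds what either source provides: a mode and allowed MX patterns.
type Policy struct {
	Mode string   // "enforce", "testing" or "none"
	MXs  []string // a leading "." matches any subdomain (assumed convention)
}

// PreloadList is a local copy of the list; this layout is assumed for the example.
type PreloadList struct {
	Expires  time.Time
	Policies map[string]Policy
}
var sample = PreloadList{ // constructed for this example, not real list data
	Expires:  time.Date(2030, 1, 1, 0, 0, 0, 0, time.UTC),
	Policies: map[string]Policy{"example.org": {Mode: "enforce", MXs: []string{".mail.example.org"}}},
}

// Effective prefers a cached MTA-STS policy, then an unexpired preload entry.
func Effective(domain string, cached *Policy, l PreloadList, now time.Time) (Policy, string) {
	if cached != nil {
		return *cached, "mta-sts"
	}
	if p, ok := l.Policies[strings.ToLower(domain)]; ok && now.Before(l.Expires) {
		return p, "preload"
	}
	return Policy{Mode: "none"}, "none"
}

// MXAllowed reports whether p permits delivery to mx (name check only).
func MXAllowed(p Policy, mx string) bool {
	mx = strings.ToLower(strings.TrimSuffix(mx, "."))
	for _, pat := range p.MXs {
		if mx == pat || (strings.HasPrefix(pat, ".") && strings.HasSuffix(mx, pat)) {
			return true
		}
	}
	return p.Mode != "enforce"
}

func main() {
	p, src := Effective("example.org", nil, sample, time.Date(2025, 1, 1, 0, 0, 0, 0, time.UTC))
	fmt.Println(src, MXAllowed(p, "mx1.mail.example.org"), MXAllowed(p, "mx.attacker.example"))
}
```

In enforce mode a sender would additionally require STARTTLS with a valid certificate for the matched MX; the sketch covers only the policy selection and the MX name check.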