Genuine question though: What differentiates a client from a remote SMTP
server besides emotional attachment?
A remote SMTP server should not be told "This is a secure line" when it
isn't, in just the same way and for the same reasons, that a client
shouldn't be told "This is a secure website" in Firefox when it isn't.
By the very fact alone that a remote SMTP server is connecting to yours
over TLS 1.0 we can reasonably deduce that the person on the other side
is not to be considered to be okay. Either they don't know how to manage
their server or they are the victim of a server side downgrade attack.
You can't only react to security you have to be proactive, and just
because I've never seen someone be the victim of a downgrade attack on a
Postfix install doesn't mean that it isn't the best security practice to
protect against that.
Else, why are there even any articles about old versions being insecure?
Why are there any efforts to remove old TLS versions from every major
software application and operating system? Are all of these security
experts and corporations just playing a game with TLS versions, or is
there perhaps something to this security practice?
On 2022-08-03 13:16, Bill Cole via mailop wrote:
On 2022-08-03 at 13:37:56 UTC-0400 (Wed, 03 Aug 2022 12:37:56 -0500)
Jarland Donnell via mailop <jarl...@mxroute.com>
is rumored to have said:
If you must divulge your SSN over the phone (for reasons) do you just
blurt it out at normal volume indifferent to who is around? Or do you
walk to a secluded corner of the room and cup your hand around the
mouth piece? Even questionable security is better than no security in
many cases.
No, it isn't. It isn't security at all. If you call someone and tell
them you need their SSN and they ask "Is this a secure line?" If it's
not, you're supposed to say "No." You're not supposed to say "This is
a secure line" and leave unstated the subtext of "If you didn't do
your research to know why this isn't a secure line, it's your
problem." It's on you when you say "Yes" to "Is this secure?" when it
isn't secure.
But that's not at issue with allowing TLS 1.0 and 1.1 in SMTP. Clients
aren't "told" a session is "secure," they *negotiate* a session's
specific security features in a deterministic manner. Presumably a
client that can't do TLS 1.2 or 1.3 has no expectation of any better
security than they can get with whatever TLS versions they can do.
If you believe that either of those older versions of TLS is as
vulnerable as plain text, please specify why. As far as I am aware,
the only problems with them are inclusion of some weak (but not
trivially so) ciphers by default and attacks that can't work against a
typical SMTP server.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop