On Wed, Oct 23, 2013 at 3:35 PM, Stephen Farrell <[email protected]>wrote: > > > On 10/23/2013 08:09 PM, Jim Fenton wrote: > > On 10/23/13 11:28 AM, John-Mark Gurney wrote: > >> Is it just me, or is it funny that we are talking about securing the > >> inet, yet the ietf apparently doesn't do STARTTLS when sending email? > >> and hence the perpass email list is sent out unencrypted... > >> > >> Guess I'll drop a note to [email protected]. > >> > > It's not just you. IETF SHOULD be using STARTTLS for email, not > > particularly for this or other mailing lists (where attackers could just > > read the archives, anyway) but because it's the Right Thing To Do. > > That was discussed in the DANE meeting in Berlin and > there's a plan for eating our own dogfood, but I'm > not sure where its at. Will check. > > S. >
I can sort of see the dogfood / Right Thing To Do argument. But it seems kind of silly to waste the bits / cycles encrypting things whose entire point is to be public. --Richard > > > > -Jim > > _______________________________________________ > > perpass mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/perpass > > > _______________________________________________ > perpass mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/perpass >
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
