On 19/09/16 02:38, Viktor Dukhovni wrote:
>
>> On Aug 22, 2016, at 10:53 AM, Jeremy Harris wrote:
>>
>>> draft-fenton-smtp-require-tls
> ion
>> Abstract
>>
>>The SMTP STARTTLS option, used in negotiating transport-level
>>encryption of SMTP connections, is not as useful from a security
>>
> On Sep 19, 2016, at 7:40 PM, Jeremy Harris wrote:
>
> Irrelevant. DANE provides a means for the target MX to request
> encryption, REQUIRETLS provides a means for the sender to request
> encryption. Both are valuable.
You've lost context. I'm not saying that REQUIRETLS is unnecessary,
I am
On 19/09/16 19:02, Viktor Dukhovni wrote:
> On Mon, Sep 19, 2016 at 10:44:52AM -0700, Jim Fenton wrote:
>
>>> Delivery is not prioritized over security when the sending domain's
>>> policy requires TLS for the given destination; or when the receiving
>>> domain publishes DANE or (less reliably for
On Mon, Sep 19, 2016 at 10:44:52AM -0700, Jim Fenton wrote:
> > Delivery is not prioritized over security when the sending domain's
> > policy requires TLS for the given destination; or when the receiving
> > domain publishes DANE or (less reliably for initial delivery) STS
> > policy. What's opp
On 9/19/16 10:19 AM, Viktor Dukhovni wrote:
>>
> In the face of DANE and STS, some users may encounter transient
> difficulties with mail delivery to some domains due to security
> policy and the failure of the receiving domain to correctly
> maintain their certificates and/or TLSA records.
>
> Use
On 9/18/16 6:38 PM, Viktor Dukhovni wrote:
>> On Aug 22, 2016, at 10:53 AM, Jeremy Harris wrote:
>>
>>> draft-fenton-smtp-require-tls
> ion
>> Abstract
>>
>>The SMTP STARTTLS option, used in negotiating transport-level
>>encryption of SMTP connections, is not as useful from a security
>>
> On Sep 19, 2016, at 1:02 PM, Jim Fenton wrote:
>
>> Sorry, have not yet read the draft, more comments at that time.
>> I still think that any such mechanism needs to be able to not only
>> request a greater protection for a given messages, but also to request
>> lesser protection, prioritizing
On 9/18/16 5:35 PM, Viktor Dukhovni wrote:
>> On Sep 18, 2016, at 6:47 PM, Jim Fenton wrote:
>>
>> Yes; I'm not sure why I singled out MX and CNAME because I know those
>> aren't the only ways of locating the server. I would propose to change
>> "confirm that any MX record or CNAME lookup used to
> On Aug 22, 2016, at 10:53 AM, Jeremy Harris wrote:
>
>> draft-fenton-smtp-require-tls
ion
> Abstract
>
>The SMTP STARTTLS option, used in negotiating transport-level
>encryption of SMTP connections, is not as useful from a security
>standpoint as it might be because of its opportu
> On Sep 18, 2016, at 6:47 PM, Jim Fenton wrote:
>
> Yes; I'm not sure why I singled out MX and CNAME because I know those
> aren't the only ways of locating the server. I would propose to change
> "confirm that any MX record or CNAME lookup used to locate the SMTP
> server" to "confirm that and
Apologies for the very late reply; this slipped through the cracks somehow.
On 8/22/16 7:53 AM, Jeremy Harris wrote:
> On 16/08/16 23:09, Jim Fenton wrote:
>> Name:draft-fenton-smtp-require-tls
>> Revision:02
> - Section 2, bullet point discussing the DNSSEC parameter:
>
> S
11 matches
Mail list logo