On Thu 2014-02-20 12:06:08 -0500, Melinda Shore wrote:
> I've uploaded a first crack at an agenda to
> http://www.ietf.org/proceedings/89/agenda/agenda-89-trans.
> Please let me know if anything is missing, or if you'd like
> to request some time on the agenda.

Thanks for organizing, Melinda! I'd like to try to make a bit of time
in the agenda to talk about the use of CT in the SMTP+STARTTLS
environment.

Given the current opportunistic mode that TLS is used for in SMTP, we
may decide that there is no reasonable intersection at all today, but I
think it would be worth putting the issue on people's radar with a brief
discussion.

For example, brief discussion of any of these questions might be useful:

* Should submission (SMTP+STARTTLS on port 587, with some form of
  client authentication) servers enroll their certificates in the log?
* Should submission clients (MUAs like Thunderbird or Outlook) verify
  SCTs? If so, what would be a reasonable action for MUAs to take if
  an SCT is missing or does not validate? Does this change if the MUA
  has a history of having seen a valid SCT for the submission server?
  Should MUA configuration indicate to the user whether a server's
  certificate is in the log or not?
* Should submission servers that use client-side certs to authenticate
  their clients look for SCTs in their client's certs? If so, how
  should they behave if a client's SCT is missing or does not validate?
* Should regular (port 25, not submission) SMTP+STARTTLS clients verify
  the SCTs passed by the peer? What should be done if an SCT is absent
  or doesn't verify? What if there is a history of having seen a
  logged cert for that peer?
* Should regular (port 25, not submission) SMTP+STARTTLS servers with
  client-cert-authenticated peers verify the SCTs passed by the peer?
  What should be done if an SCT is absent or doesn't verify?
* Should certificates for submission or SMTP+STARTTLS contain any
  reference to the domains they accept e-mail for (or send e-mail
  from?), or should their certificates be limited to the hostname only?
* What sort of log monitoring should an SMTP+STARTTLS or submission
  service operator do to avoid misissuance? Does it differ in any way
  from the log monitoring that an HTTPS operator should do?

Regards,
--dkg
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
