Hiya, Do we already have a BCP saying that IMAP without TLS is uncool these days? If not, was someone here drafting something that says that for progression here or in appsawg? (I've lost track of where the mail work is likely heading sorry.)
Reason to ask is that on another list [1] there are some EU data protection types who are thinking about thinking about trying to say that "no more cleartext IMAP" might be a thing they'd like and like to recommend. (You should get a sense that its early days from the awkward wording of the previous sentence:-) I've no idea if an IETF BCP would help them much, but I guess if we did have consensus on that (including whatever nuance might be required for still important corner cases etc.) then it might mean that they don't need to invent stuff and that should be a good thing since as a crowd EU data protection folks tend to have way more lawyers than techies. The IPEN list [1] was specifically setup to try to bridge just that lawyer/techie gap btw, so if you're interested in the topic in general you can just ask to join the list. (I believe they will always say yes to subscription requests, not 100% sure though.) If you're not that interested but have thoughts or concerns, then feel free to mail me offlist about that. Cheers, S. [1] http://lists.frobbit.se/mailman/listinfo/ipen _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
