> On Sep 19, 2016, at 1:02 PM, Jim Fenton <fen...@bluepopcorn.net> wrote:
>> Sorry, have not yet read the draft, more comments at that time.
>> I still think that any such mechanism needs to be able to not only
>> request a greater protection for a given messages, but also to request
>> lesser protection, prioritizing delivery over security. On the
>> MUA -> MSA link, the administrator may, as a matter of local policy,
>> configure a policy to refuse messages that request security downgrades.
>> Other MTAs would not have such liberty.
> I don't understand this. In practice, delivery is already prioritized
> over security, so you can get that by just not using REQUIRETLS.
> By "request security downgrades" do you mean negotiate a weaker cipher
> suite, or (in the case of the MUA administrator) decide to ignore
> certificate verification, etc.? If that's what you mean, sure, but
> REQUIRETLS is all about making that apply to subsequent hops (past
> submission) as well.
In the face of DANE and STS, some users may encounter transient
difficulties with mail delivery to some domains due to security
policy and the failure of the receiving domain to correctly
maintain their certificates and/or TLSA records.
Users may at times want to selectively override such policy on a
per-message basis. Administrators of corporate outbound MSAs may
want to deny users that choice.
Uta mailing list