After thinking about this a bit, it seems to me that if any portions of
draft-ietf-email-deep should be BCP, it's those that describe
requirements for MSPs. Those are indeed practice, not protocol.
In the interest of expediency, I'd be fine with making those portions of
MUA-STS non-normative and keeping them in the same document. I'd also
be happy to separate that out into a separate BCP document, though it
would take a bit longer. But if we do that, I'd really like to get
consensus on the technical bits of MUA-STS first.
Also, based on input from the Fastmail folks in Chicago, I think it
makes sense to relax the MSP requirements somewhat. The goal of
MUA-STS is to get all MUA-server links robustly encrypted. Different
MSPs can quite reasonably choose different ways of doing this, based on
whatever works for their operations and customers. If an MSP does this
by some other means than the MUA-STS protocol extensions, the goal is
still met.
Keith
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
