Gentle reminder: I haven't yet gotten any comments on this new version of the REQUIRETLS draft, and would appreciate some review.
-Jim On 1/16/18 1:58 PM, Jim Fenton wrote: > This version moves the "REQUIRETLS=NO" option to a message header field, > RequireTLS: No, and removes it as an option for the SMTP service > extension since the point in the "no" case is to assist with message > delivery, not to limit it to MTAs supporting REQUIRETLS. > > -Jim > > > On 1/16/18 1:53 PM, [email protected] wrote: >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> This draft is a work item of the Using TLS in Applications WG of the IETF. >> >> Title : SMTP Require TLS Option >> Author : Jim Fenton >> Filename : draft-ietf-uta-smtp-require-tls-01.txt >> Pages : 15 >> Date : 2018-01-16 >> >> Abstract: >> The SMTP STARTTLS option, used in negotiating transport-level >> encryption of SMTP connections, is not as useful from a security >> standpoint as it might be because of its opportunistic nature; >> message delivery is, by default, prioritized over security. This >> document describes an SMTP service extension, REQUIRETLS, and message >> header field, Require-TLS. If the REQUIRETLS option or Require-TLS >> message header field is used when sending a message, it asserts a >> request on the part of the message sender to override the default >> negotiation of TLS, either by requiring that TLS be negotiated when >> the message is relayed, or by requesting that recipient-side policy >> mechanisms such as MTA-STS and DANE be ignored when relaying a >> message for which security is unimportant. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-uta-smtp-require-tls/ >> >> There are also htmlized versions available at: >> https://tools.ietf.org/html/draft-ietf-uta-smtp-require-tls-01 >> https://datatracker.ietf.org/doc/html/draft-ietf-uta-smtp-require-tls-01 >> >> A diff from the previous version is available at: >> https://www.ietf.org/rfcdiff?url2=draft-ietf-uta-smtp-require-tls-01 >> >> >> Please note that it may take a couple of minutes from the time of submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> Uta mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/uta > _______________________________________________ > Uta mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/uta _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
