> On Jan 5, 2019, at 10:50 AM, Viruthagiri Thirumavalavan <[email protected]>
> wrote:
>
> I have a proposal for SMTPS (Implicit TLS), port 25 secure alternative on a
> new dedicated port 26.
>
> Both MTA-STS and MTA-DANE tries to fix the STARTTLS downgrade issue. However
> the implementation is not simple. The former requires a HTTPS server and the
> latter requires DNSSEC.
>
> I'm proposing a very simple solution. It's actually dead simple. So i'm not
> really sure whether it was proposed before and got rejected for some reasons
> or you guys really missed that one.
This adds complexity, without solving any problems. I'm afraid
this proposal has no merit.
* The attacker can just as easily block connections to port 26,
as filter out STARTTLS.
* This in no way addresses the authentication issues.
There are more problems, but those two are enough to make further
discussion of the proposal pointless.
--
Viktor.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
