Hi Töma,

Those are valid points. Thanks for the input.

On Sat, Jan 12, 2019 at 4:02 PM Töma Gavrichenkov <xima...@gmail.com> wrote:

> 12 Jan. 2019, 8:44 Viruthagiri Thirumavalavan <g...@dombox.org>:
>
> > Pros of introducing Implicit TLS:
> > + Falls under Best Practices
> > + Seems like it's what the world wants.
>
> None of the above is really a technical argument within standards process.
>
> The world wants emojis in domain names, so what?
>
> > + Sets an early date to deprecate Opportunistic TLS in the future.
>
> There's nothing bad in opportunistic TLS per se, and no reason to
> deprecate it. The real problem is the (absent) downgrade resistance: SMTP
> in cleartext is historically the default, and there's no tool to reliably
> advertise to *everyone* on the Internet that your particular SMTP server is
> not obsolete. Also, TOFU is similarly unreliable for that matter and too
> opaque for troubleshooting.
>
> None of the issues above are solved by adding yet another port to the
> already overblown e-mail port bundle.
>
> In fact, implicit TLS still has some advantages over the explicit version
> (e.g. 0-RTT) that you've missed, but they are of questionable profit for
> e-mail.
>
> --
> Töma

--
Best Regards,
Viruthagiri Thirumavalavan
Dombox, Inc.