Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-28 Thread Viktor Dukhovni
On Sun, Mar 27, 2016 at 08:17:28PM -0700, Jim Fenton wrote: > >> I have received suggestions that there also be options to require > >> specific TLS version, cipher suites, PFS, etc. as well, and my gut feel > >> is that's getting too specific. > > > Don't let this be over-engineered. That's a gu

Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-27 Thread Jim Fenton
On 3/25/16 3:19 PM, Viktor Dukhovni wrote: > On Fri, Mar 25, 2016 at 12:35:02PM -0700, Jim Fenton wrote: > >>> If the entire goal is to ensure the integrity of the RFC 6125 >>> "reference identifier" used to authenticate the nexthop SMTP >>> server, then it is perhaps a good idea to say

Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-25 Thread Chris Newman
On March 24, 2016 at 12:42:07 , Jim Fenton (fen...@bluepopcorn.net) wrote: Not to distract from the STS discussion, but I thought I'd point out another approach to SMTP TLS 'encouragement' that I submitted a few weeks ago: draft-fenton-smtp-require-tls-01. There has been some discussion of this

Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-25 Thread Viktor Dukhovni
On Fri, Mar 25, 2016 at 12:35:02PM -0700, Jim Fenton wrote: > > If the entire goal is to ensure the integrity of the RFC 6125 > > "reference identifier" used to authenticate the nexthop SMTP > > server, then it is perhaps a good idea to say so explicitly. > > The primary purpose was i

Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-25 Thread Jim Fenton
On 03/25/2016 11:24 AM, Viktor Dukhovni wrote: > On Thu, Mar 24, 2016 at 07:12:43PM -0700, Jim Fenton wrote: > >> Not to distract from the STS discussion, but I thought I'd point out >> another approach to SMTP TLS 'encouragement' that I submitted a few >> weeks ago: draft-fenton-smtp-require-tls-0

Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-25 Thread Jim Fenton
On 03/25/2016 07:24 AM, Jeremy Harris wrote: > On 25/03/16 02:12, Jim Fenton wrote: >> draft-fenton-smtp-require-tls-01 >> The idea here is that REQUIRETLS allows the SMTP client to override the >> default "deliver even if you can't do it securely" behavior of SMTP. The >> philosophy is that the s

Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-25 Thread Jim Fenton
On 03/25/2016 06:45 AM, Jeremy Harris wrote: > On 25/03/16 12:09, Aaron Zauner wrote: >>> On 25 Mar 2016, at 03:12, Jim Fenton wrote: >>> REQUIRETLS is an SMTP service extension that allows an SMTP client to >>> specify (via a MAIL FROM option) that a given message must be sent over >>> a TLS prot

Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-25 Thread Viktor Dukhovni
On Thu, Mar 24, 2016 at 07:12:43PM -0700, Jim Fenton wrote: > Not to distract from the STS discussion, but I thought I'd point out > another approach to SMTP TLS 'encouragement' that I submitted a few > weeks ago: draft-fenton-smtp-require-tls-01. There has been some > discussion of this draft, pr

Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-25 Thread Orit Levin (CELA)
Thank you, Jim. Definitely should be a part of the conversation. You are on the Agenda! Orit. > -Original Message- > From: Uta [mailto:uta-boun...@ietf.org] On Behalf Of Jim Fenton > Sent: Thursday, March 24, 2016 7:13 PM > To: uta@ietf.org > Subject: [Uta] REQUIRETLS: another SMTP TLS mec

Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-25 Thread John Levine
>- The draft does not mention alias-style forwarding done by an MTA; > perhaps it could? A 1-1 alias would seem to be easily covered, > but 1-to-many (mail-exploder) aliases may need more thought. The whole draft presumes that intermediate hops will follow instructions from the sender, without

Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-25 Thread Jeremy Harris
On 25/03/16 02:12, Jim Fenton wrote: > draft-fenton-smtp-require-tls-01 > The idea here is that REQUIRETLS allows the SMTP client to override the > default "deliver even if you can't do it securely" behavior of SMTP. The > philosophy is that the sender of the message (SMTP client) is in the > bes

Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-25 Thread Jeremy Harris
On 25/03/16 12:09, Aaron Zauner wrote: >> On 25 Mar 2016, at 03:12, Jim Fenton wrote: >> REQUIRETLS is an SMTP service extension that allows an SMTP client to >> specify (via a MAIL FROM option) that a given message must be sent over >> a TLS protected session with specified security characteristi

Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

2016-03-25 Thread Aaron Zauner
> On 25 Mar 2016, at 03:12, Jim Fenton wrote: > > Not to distract from the STS discussion, but I thought I'd point out > another approach to SMTP TLS 'encouragement' that I submitted a few > weeks ago: draft-fenton-smtp-require-tls-01. There has been some > discussion of this draft, primarily on