Re: [Uta] MTA-STS - Questions on implementing the latest (02) draft

On the issue of mta-sts vs _mta-sts: The TXT and A/ records should be under the same label. W/ or w/o an underscore *will* lead to implementors getting things wrong. And the two always should be in the same zone, even where zone cuts exist. It is not just aesthetics. -JimC -- James Cloos

Re: [Uta] smtp-sts-04 JSON

tic text file in that case, and not have to worry about (or muck around with) line endings. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] MTA-STS: A Key-Value Alternative

t should just skip reporting, but it should be specified. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] MTA-STS: A Key-Value Alternative

ay that all clients MUST accept text/plain. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] MTA-STS: A Key-Value Alternative

t (i.e. "if senders and recipients both implement DM> TLSRPT")? Yes, that was my point. This doc should be explicit in that case. There a lots of ways to word it, your quote above works. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 _

Re: [Uta] Updated TLSRPT Draft (v07)

>>>>> "BA" == Brotman, Alexander writes: > we wanted to try to provide an interim/updated draft for any final review. Nit: it looks like the 'IPv4 Address is defined as' section is missing some newlines. Kudos on the switch to i-json. -JimC -- James Cloo

Re: [Uta] I-D Action: draft-ietf-uta-smtp-tlsrpt-08.txt

ACKed, then the document should specify that. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] Updated MTA-STS & TLSRPT

59 (JSON) got dropped. Given that json is still in the draft, I can't tell whether that was intentional. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] Updated MTA-STS & TLSRPT

(which was a JSON body itself, which no > longer is the case). But that looks like the change was intentional. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] Updated TLSRPT

-JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] Warren Kumari's Discuss on draft-ietf-uta-mta-sts-17: (with DISCUSS)

difficult task. Using a prefix for the txt rr has value, but using a prefix for the a rr does not. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] Updated MTA-STS & TLSRPT Drafts

ression that the policy host ought to provide a cert for the policy domain rather than for itself. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] I-D Action: draft-ietf-uta-mta-sts-20.txt

Was the s/https/http/g in the boilerplate intentional? -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] I-D Action: draft-ietf-uta-smtp-tlsrpt-23.txt

> https://www.ietf.org/rfcdiff?url2=draft-ietf-uta-smtp-tlsrpt-23 Some newlines got lost in that update. The diff makes it easy to see. Also, the new copy needs: s/by and Adler-32/by an Adler-32/ Otherwise it looks good. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DA

Re: [Uta] I-D Action: draft-ietf-uta-smtp-tlsrpt-23.txt

ttack vector everyone needs to expect. VD> Applications might want to set limits on the amount VD> of data they're willing to extract from the compressed VD> stream. Good advice. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] Scanresults mta-sts policies

line in the file to ensure that it would be served with them. A proper, simple text file would be easier. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] Scanresults mta-sts policies

> "VD" == Viktor Dukhovni writes: VD> sts-policy-term = LF / CRLF Did that change during the drafts? Or perhaps a verifier I used to test my file rejected it w/o the CRs? My recall is incomplete; I set it up back in May, and only switched it to enforce since the rfc.

[Uta] tlsrpt

I see that google has started sending tls reports to the rua listed in _smtp._tls.ZONE. TXT RRs. Has anyone else? -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta

Re: [Uta] tlsrpt

>>>>> "BA" == Brotman, Alexander writes: BA> Yes, we've gotten a couple now. There was an announcement on their blog: Thanks, and apologies for my ambiguity. I meant has any one else started sending tlsrpts? -JimC -- James Cloos

Re: [Uta] tlsrpt

d it is easier to do whatever one wants with the reports. The reports only just started, but Google-SMTP-STS has been querying my /.well-known/mta-sts.txt files for weeks. I think I first noticed those back in January. Maybe earlier. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___

Re: [Uta] tlsrpt

; : "2019-04-26T23:59:59Z", }, "organization-name" : "Google Inc.", "report-id" : "2019-04-26T00:00:00Z_redacted" } -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6 ___ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta