On 25/03/16 12:09, Aaron Zauner wrote:
>> On 25 Mar 2016, at 03:12, Jim Fenton <fen...@bluepopcorn.net> wrote:
>> REQUIRETLS is an SMTP service extension that allows an SMTP client to
>> specify (via a MAIL FROM option) that a given message must be sent over
>> a TLS protected session with specified security characteristics. Options
>> allow the specification of allowable methods of server certificate
>> verification, including web-PKI and DANE. In advertising its support for
>> REQUIRETLS, the SMTP server is promising to honor that requirement.

> This sounds very similar to what DEEP is trying to achieve, can you highlight 
> important differences?

As I read them:

REQUIRETLS covers an entire chain of to-MTA hops (by requiring not only
TLS but also REQUIRETLS on a forwarding hop, or bounce).  It would
presumably cover the MUA-MSA hop (as DEEP does) when SMTP was used
there.  It SHOULD's secure access by the destination MUA (though that
will be hard, in many implementations, as it requires implementation
in a separate lump of software).  It works on a per-message basis.

DEEP talks in terms of per-mail-account configuration.  It deals with
both submission and access.  It talks about UI presentation of
security status.  It does not cover beyond the MSA or MDA.

-- 
Cheers,
  Jeremy

_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
