On 4/16/16 10:23 AM, Chris Newman wrote:
>
>>> So while Viktor made a compelling case that the TLS version directive is
>>> not appropriate for SMTP relay, I think it is appropriate for the MUA STS
>>> scenario where it’s simpler to implement, where very old MUAs are in wide
>>> use requiring permissive servers, and I’d really like to be sure my client
>>> is using the stronger versions of TLS as long as I don’t have to manually
>>> configure it.
I'm a little confused by the language in section 9.1: "All [client and server] implementations MUST be configurable to support implicit TLS using the TLS 1.2 protocol or later." So why not insist on TLS 1.2 all the time? There must be a deployment corner case that I'm not considering.

But, as you noted in section 6, the choice of TLS version isn't the only thing that needs to be considered. Why does TLS version rise to the level of importance of creating a directive, but cipher suite doesn't? I don't see the complexity and interoperability risk associated with all this as warranted by the relatively low level of security risk.

Also, if we're talking about some unification of STS and DEEP (as "MUA-STS" or something, if I recall correctly), and the STS policy is retrieved in a "webby" manner, the policy record probably also needs to adhere to its own standards for TLS version, cipher suite, etc. Which could be problematic if an attacker can publish a record for a known-vulnerable cipher suite or something.

-Jim

_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
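The gap Jim raises, that a TLS-version floor says nothing about the cipher suite actually negotiated, can be shown with a small client-side policy check. This is an added example, not code from the thread or from any draft; the POLICY dict shape, the sample handshake outcomes and the requirement for AEAD plus forward secrecy are assumptions of the example.

```python
import ssl

# Hypothetical client policy. The thread discusses a TLS-version directive for
# MUA-STS but no record syntax, so this dict shape is an assumption of the example.
POLICY = {"min_tls": "TLSv1.2", "require_aead": True, "require_forward_secrecy": True}

_TLS_RANK = {"TLSv1": 1, "TLSv1.1": 2, "TLSv1.2": 3, "TLSv1.3": 4}


def make_implicit_tls_context(policy=POLICY):
    """Client context for implicit TLS (connect, then handshake immediately).
    The version floor comes from the policy; the cipher restriction is the part
    a version directive alone does not give you."""
    ctx = ssl.create_default_context()  # certificate and hostname verification on
    ctx.minimum_version = {
        "TLSv1.2": ssl.TLSVersion.TLSv1_2,
        "TLSv1.3": ssl.TLSVersion.TLSv1_3,
    }[policy["min_tls"]]
    if policy["require_aead"] and policy["require_forward_secrecy"]:
        # OpenSSL cipher string: ephemeral (EC)DH key exchange with AEAD bulk ciphers only
        ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM")
    return ctx


def evaluate_negotiated(version, cipher, policy=POLICY):
    """Judge a finished handshake. `cipher` is a dict in the shape returned by
    SSLContext.get_ciphers() (keys 'name', 'aead', 'kea'). Returns (ok, reason)."""
    if _TLS_RANK.get(version, 0) < _TLS_RANK[policy["min_tls"]]:
        return False, f"{version} is below the policy floor {policy['min_tls']}"
    if policy["require_aead"] and not cipher["aead"]:
        return False, f"{cipher['name']} is not an AEAD suite"
    if policy["require_forward_secrecy"] and cipher["kea"] not in ("kx-ecdhe", "kx-dhe", "kx-any"):
        return False, f"{cipher['name']} lacks forward secrecy ({cipher['kea']})"
    return True, "ok"


# Constructed handshake outcomes (not captured from a real server). The second one
# satisfies a TLS 1.2 floor yet fails the cipher checks, which is the gap discussed.
SAMPLES = [
    ("TLSv1.3", {"name": "TLS_AES_256_GCM_SHA384", "aead": True, "kea": "kx-any"}),
    ("TLSv1.2", {"name": "AES128-SHA", "aead": False, "kea": "kx-rsa"}),
    ("TLSv1.1", {"name": "ECDHE-RSA-AES128-GCM-SHA256", "aead": True, "kea": "kx-ecdhe"}),
]

if __name__ == "__main__":
    make_implicit_tls_context()
    for version, cipher in SAMPLES:
        print(version, cipher["name"], evaluate_negotiated(version, cipher))
```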