Hi Keith,
One little thing about your new ABNF for DH group:
On 25/10/2017 01:31, Keith Moore wrote:
Line 328
the TLS ciphersuite of the session in which the mail was received,
in the Received field of the outgoing message. (See Section 4.3.)
Do you want to also suggest that it include the name of the DH group,
if any?
I've attempted to add that attribute but please check the text:
The ESMTPS transmission type <xref target="RFC3848"/> provides trace
information that can indicate TLS was used when transferring mail.
However, TLS usage by itself is not a guarantee of confidentiality or
security. The TLS cipher suite provides additional information about the
level of security made available for a connection. This defines a new
SMTP "tls" Received header additional-registered-clause that is used to
record the TLS cipher suite that was negotiated for the connection. The
value included in this additional clause SHOULD be the registered cipher
suite name (e.g., TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) included in the TLS
cipher suite registry. In the event the implementation does not know the
name of the cipher suite (a situation that should be remedied promptly),
a four-digit hexadecimal cipher suite identifier MAY be used.
In addition, the Diffie-Hellman group name associated with the
ciphersuite MAY be included (when applicable and known) following the
ciphersuite name. The ABNF for the field follows:
<figure>
<artwork type="abnf">
tls-cipher-clause = CFWS "tls" FWS tls-cipher [ "group" dh-group ]
Is lack of some kind of delimiter before and after "group" intentional?
(FWS? Or maybe ";" before group).
tls-cipher = tls-cipher-name / tls-cipher-hex
tls-cipher-name = ALPHA *(ALPHA / DIGIT / "_")
; as registered in IANA cipher suite registry
tls-cipher-hex = "0x" 4HEXDIG
dh-group = ALPHA *(ALPHA / DIGIT / "_")
; as registered in IANA TLS Supported Groups Registry
</artwork>
</figure>
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
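
Added example, not part of the original message or the draft: a small Python check of what the quoted tls-cipher-clause rule matches as literally written, next to a variant with FWS on both sides of "group" (one of the options raised in the reply above). Assumptions: FWS and CFWS are reduced to runs of space or tab, the function names are hypothetical, and the sample clauses are constructed.

```python
import re

# Assumption: FWS/CFWS are simplified to space/tab runs (no comments, no folding).
WS = r"[ \t]+"
NAME = r"[A-Za-z][A-Za-z0-9_]*"            # tls-cipher-name and dh-group
CIPHER = rf"(?:0x[0-9A-F]{{4}}|{NAME})"    # tls-cipher
I = re.IGNORECASE                          # ABNF quoted strings are case-insensitive


def parses_as_written(clause):
    """All (cipher, group) readings under:
    CFWS "tls" FWS tls-cipher [ "group" dh-group ]"""
    head = re.match(rf"{WS}tls{WS}", clause, I)
    if not head:
        return []
    rest = clause[head.end():]
    found = []
    if re.fullmatch(CIPHER, rest, I):      # reading with no group at all
        found.append((rest, None))
    for m in re.finditer("group", rest, I):  # every place "group" could split
        cipher, group = rest[:m.start()], rest[m.end():]
        if re.fullmatch(CIPHER, cipher, I) and re.fullmatch(NAME, group, I):
            found.append((cipher, group))
    return found


def parse_with_fws(clause):
    """Single reading under the variant: ... tls-cipher [ FWS "group" FWS dh-group ]"""
    pattern = rf"{WS}tls{WS}({CIPHER})(?:{WS}group{WS}({NAME}))?"
    m = re.fullmatch(pattern, clause, I)
    return (m.group(1), m.group(2)) if m else None


# Constructed sample clauses
SPACED = " tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 group secp256r1"
JOINED = " tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256groupsecp256r1"

if __name__ == "__main__":
    for sample in (SPACED, JOINED):
        print(repr(sample))
        print("  as written:", parses_as_written(sample))
        print("  with FWS:  ", parse_with_fws(sample))
```

Under the literal rule the space-separated form does not match at all, and the run-together form has two readings because "group" is itself made of characters that tls-cipher-name accepts.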