On Thu, Feb 21, 2019 at 10:37 AM Viktor Dukhovni <ietf-d...@dukhovni.org> wrote:
> > On Feb 21, 2019, at 10:07 AM, Eric Rescorla <e...@rtfm.com> wrote:
> >
> > To elaborate on one point a bit: it seems to me that it's harmful to
> > security to allow the sender to unilaterally override the recipient's
> > preferences that something be encrypted. To forestall one argument,
> > yes, the sender knows the contents of the message, but the recipient
> > knows their own circumstances, and they may be at particular risk
>
> A recipient has no expectation that the sending MTA supports any of
> DANE, MTA-STS, REQUIRETLS, or even STARTTLS.

Nor do Web servers have any expectation that clients support HSTS, but we still don't allow it to be overridden by some http-no-really:// link.

> The most the recipient can do is abort the SMTP transaction at any
> pre-STARTTLS "MAIL FROM" (typically sent with the pipelined recipient
> list) when STARTTLS is not used by the sender (or MITM attacker).
>
> More harmful to security than acknowledging that either participant
> has the freedom to choose the policy that works best for them, is
> restricting their choices to the point of making the use of security
> mechanisms too burdensome to deploy.

The problem with this mechanism is that it is denying the recipient the right to choose what works for them.

-Ekr
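
The recipient-side abort described in the quoted text (refusing a pre-STARTTLS "MAIL FROM" and its pipelined recipient list), as an added example that is not part of the thread or of any MTA's code. The class and function names, the sample sessions and the example.* addresses are constructed for illustration; the TLS handshake is assumed to succeed and EHLO replies are collapsed to one line.

```python
"""Recipient-side STARTTLS enforcement, simulated without sockets or real TLS."""

# RFC 3207 section 4: commands a server may still accept before TLS.
ALLOWED_BEFORE_TLS = {"EHLO", "NOOP", "STARTTLS", "QUIT"}
MUST_TLS = "530 5.7.0 Must issue a STARTTLS command first"


class RecipientSession:
    """One SMTP session as seen by the receiving MTA (hypothetical class)."""

    def __init__(self):
        self.tls = False      # set once STARTTLS has been accepted
        self.greeted = False  # EHLO seen since the last state reset

    def handle(self, line):
        """Return the single-line reply for one command line."""
        verb = line.split(" ", 1)[0].upper()
        if not self.tls and verb not in ALLOWED_BEFORE_TLS:
            # The abort point: a cleartext MAIL FROM is refused whether the
            # sender lacks STARTTLS or an on-path attacker stripped it.
            return MUST_TLS
        if verb == "EHLO":
            self.greeted = True
            # STARTTLS is only advertised while the channel is cleartext.
            return "250 PIPELINING" if self.tls else "250 STARTTLS"
        if verb == "STARTTLS":
            if self.tls:
                return "503 5.5.1 TLS already active"
            # Assumption: handshake succeeds; a real server wraps the socket here.
            self.tls, self.greeted = True, False  # RFC 3207: discard prior state
            return "220 2.0.0 Ready to start TLS"
        if verb == "QUIT":
            return "221 2.0.0 Bye"
        if verb == "NOOP":
            return "250 2.0.0 OK"
        if not self.greeted:
            return "503 5.5.1 Send EHLO first"
        if verb in ("MAIL", "RCPT"):
            return "250 2.0.0 OK"
        return "502 5.5.1 Command not implemented"


def run(lines):
    """Feed a constructed command sequence through a fresh session."""
    session = RecipientSession()
    return [session.handle(line) for line in lines]


# Constructed sessions: a sender that never negotiates TLS, and one that does.
CLEARTEXT = ["EHLO sender.example", "MAIL FROM:<a@sender.example>",
             "RCPT TO:<b@recipient.example>"]
ENCRYPTED = ["EHLO sender.example", "STARTTLS", "EHLO sender.example",
             "MAIL FROM:<a@sender.example>", "RCPT TO:<b@recipient.example>"]
```
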
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta