On Thu, Feb 28, 2019 at 01:35:53PM -0500, Viktor Dukhovni wrote:

> We should keep in mind that email is often the medium used to
> communicate about operational failures. And that not infrequently,
> insecure email is the medium through which more essential security
> is brought back into service elsewhere.

I think a note by John Callas from a current thread on the Cryptography list is apt:

    Remember that the rules of infosec are Confidentiality, Integrity,
    and Availability. You don’t want to do something like maximize C
    and minimize A. I’ve heard several stories about people who made
    that mistake and now do not have available the few thousand
    bitcoins they once had.

Keeping also in mind that providers and users are more likely to adopt technologies that provide C, so long as they can still get A when needed. So to maximize confidentiality *in practice* we must not over-emphasize it to the detriment of availability.

Hop-by-hop transport security in email is in good measure a concession to the fact that we're (for good reasons) as far as ever from any broad deployment of end-to-end email encryption, and that hop-by-hop TLS is the compromise that can reach broad adoption.

The security specified in DANE and MTA-STS is ultimately only useful if broadly deployed. Let's make that deployment easier.

If after some years of broad deployment, all but a negligible number of operators learn how to operate their MTAs flawlessly, monitoring and provisioning tools improve etc., and the need for exceptions goes away, then we can deprecate "TLS-Required: no" (or whatever the name is in the end) as having served its purpose by easing the path to adoption in the years prior.

-- 
	Viktor.

_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta