On Wed, Mar 13, 2019 at 1:59 PM Alexey Melnikov <aamelni...@fastmail.fm> wrote:
> Hi Ekr, > > On Thu, Feb 21, 2019, at 3:07 PM, Eric Rescorla wrote: > > > ---------------------------------------------------------------------- > > DISCUSS: > > ---------------------------------------------------------------------- > > > > I support Benjamin's DISCUSS. > > > > To elaborate on one point a bit: it seems to me that it's harmful to > > security to allow the sender to unilaterally override the recipient's > > preferences that something be encrypted. To forestall one argument, > > yes, the sender knows the contents of the message, but the recipient > > knows their own circumstances, and they may be at particular risk > > I don't agree with this part of your DISCUSS and with your argument that > this is the same as HSTS (I will try to gather my counter-arguments in a > separate email), but in the interest of being constructive: can you suggest > a possible fix (or directions towards the fix) to address your DISCUSS? > Well, I think this field should only override the outgoing and not incoming policies (or be removed). -Ekr > Thank you, > Alexey >
_______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
