[Emailcore] Re: [Last-Call] Re: Re: Re: Re: Re: Re: Re: draft-ietf-emailcore-as-28 ietf last call Secdir review

John Levine <johnl@ietf.email> Thu, 07 May 2026 19:16 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/emailcore/_rqQcdG6U7y6rVPdPJ4e4OTg_uU>

It appears that Christian Huitema <huitema@huitema.net> said:
>The objection is not that asking that from a software provider would be 
>a bad idea for you. The problem is essentially a shift of 
>responsibilities: the decision to accept clear text messages is made by
>the MTA admin, and the AS would instead create a mandate on all software 
>developers. 

Right. That reflects reality. Mail software and mail systems handle cleartext
mail, and no matter what we say they will continue to do so. We know this
because we have talked to the people who write it and run it and this is what
they have without exception said.

We know from Richard Clayton's recent message that 16% of the hosts that talk to
Yahoo's giant mail system don't do TLS, so any MTA that didn't handle cleartext
mail would not in any meaningful sense interoperate with existing SMTP servers.
Beyond that, John Klensin has pointed out reasons why even if we wanted to turn
off cleartext mail, it would still leak envelope data while often failing
mysteriously.

Why are we even having this argument?

R's,
John