[Emailcore] Re: draft-ietf-emailcore-as-27
Jeffrey Walton <noloader@gmail.com> Thu, 05 March 2026 04:21 UTC
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 04 Mar 2026 23:20:31 -0500
Message-ID: <CAH8yC8=mxQg0umroRw35CBzmLhktmyHKcHrHhBRrRHkioUP0Dg@mail.gmail.com>
To: John C Klensin <john-ietf@jck.com>
CC: emailcore@ietf.org
List-Id: EMAILCORE proposed working group list <emailcore.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/emailcore/dq5TFH8tDXsE1iylkNAqdrSd8-U>

On Sat, Jan 24, 2026 at 5:51 PM John C Klensin <john-ietf@jck.com> wrote:

> Hi.
> Just in case anyone has been waiting for this note...
>
> draft-ietf-emailcore-as-27 was posted at about 23:48 UTC yesterday
> (15:48 US PST - Secretariat time on January 23). It contains a
> comprehensive rewrite of Section 6.5 as first proposed by Barry and
> edited according to on-list comments. It also contains several small
> corrections and adjustments, most if not all of which were also
> proposed and/or discussed on-list. Some of those reflect a "don't
> try to solve that problem here" approach, e.g., rather than
> substituting "PD" for "PII" as proposed, the document now reflects
> both terms. It avoids trying to resolve some editorial concerns that
> seem best left to the RFC Editor process.
>
> It does not contain forecasts of the future or other discussions
> that, while interesting, appear out of scope for the document and the
> WG. As part of that, it continues to try to avoid straying into
> specification of behavior of MUAs.
>
> Please read and comment as appropriate. Preferably that should be
> soon, rather than waiting for some future deadline, and should stay
> on-topic and in-scope. The Chairs will presumably guide that
> discussion but, personally, I have developed a strong preference
> similar to one John Levine has expressed several times: let's wrap
> this up and move on rather than continuing to quibble over small
> details that are unlikely to cause any email systems to change
> behavior in practice. A target that leads to the same conclusion is
> that we are only seven weeks out from the state of IETF 125 and it
> would be really nice, IMO, to have all of this (including
> draft-ietf-emailcore-iana-cleanup on which there has been a shortage
> of on-list comments), wrapped up that we don't need to meet then,
> allowing various of us to concentrate on other IETF commitments.
>
> This note does not address the relationship between changes (or their
> absence) and specific Last Call comments, especially from IESG
> members. That analysis will follow separately.
>
> john

Hi John,

The infamous Section 6. Confidentiality and integrity is being discussed with respect to SHOULD and MUST. Here is my contribution...

Section 6.1.1 The TLS Protocol, says:

    The TLS Protocol [RFC8446] [RFC9325] provides confidentiality while the message is in transit from an SMTP client to the next SMTP server...

Maybe. It depends on the cipher suite that was negotiated. IANA provides eNULL and aNULL cipher suites:[0]

* TLS_NULL_WITH_NULL_NULL (0x00,0x00)
* TLS_RSA_WITH_NULL_MD5 (0x00,0x01)
* TLS_RSA_WITH_NULL_SHA (0x00,0x02)

I checked RFC3207, RFC4954, RFC7672, RFC8446, RFC8461, RFC8689, but I did not see a treatment of the eNULL and aNULL cipher suites. However, RFC9325 Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) does say, "Implementations MUST NOT negotiate the cipher suites with NULL encryption."

Do eNULL and aNULL cipher suites meet the confidentiality and integrity goals or requirements for email messages in this A/S? (Devil's advocate: They are using TLS, after all).

Is this something that should be addressed in the A/S, or maybe even restated from RFC9325 in this A/S? Or is RFC9325 alone as a separate document sufficient?

Jeff

[0] https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
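
Added example, not part of the original post or of any draft text: a check an operator could run over SMTP trace headers to see whether a hop that "used TLS" actually negotiated encryption and authentication. The Postfix-style `Received:` clauses, host names and queue ids below are constructed samples, and the function names are hypothetical.

```python
import re

# Postfix-style TLS trace clause: "using TLSv1.3 with cipher NAME (128/128 bits)"
TLS_CLAUSE = re.compile(
    r"using (?P<proto>TLSv[\d.]+|SSLv\d) with cipher (?P<cipher>[\w-]+) "
    r"\((?P<used>\d+)/(?P<alg>\d+) bits\)"
)

def classify_cipher(name):
    """Return {"eNULL"} / {"aNULL"} / both / empty set for a cipher suite name.

    Accepts IANA names (TLS_RSA_WITH_NULL_SHA) and OpenSSL names (NULL-SHA).
    """
    problems = set()
    if name.startswith("TLS_") and "_WITH_" in name:
        kx, rest = name[4:].split("_WITH_", 1)
        if rest.startswith("NULL"):        # no bulk encryption
            problems.add("eNULL")
        if kx == "NULL" or "anon" in kx:   # no peer authentication
            problems.add("aNULL")
    else:                                  # OpenSSL name or TLS 1.3 suite
        parts = name.split("-")
        if "NULL" in parts:
            problems.add("eNULL")
        if parts[0] in ("ADH", "AECDH"):
            problems.add("aNULL")
    return problems

def audit_received(headers):
    """Return one (cipher, verdict) pair per Received header value."""
    results = []
    for header in headers:
        m = TLS_CLAUSE.search(header)
        if m is None:                      # hop recorded no TLS at all
            results.append((None, "no-tls-recorded"))
            continue
        problems = classify_cipher(m["cipher"])
        if int(m["used"]) == 0:            # zero effective key bits
            problems.add("eNULL")
        results.append((m["cipher"], ",".join(sorted(problems)) or "ok"))
    return results

# Constructed sample trace headers (documentation addresses, made-up ids).
SAMPLE = [
    "from a.example (a.example [192.0.2.1]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) by mx.example (Postfix) with ESMTPS id X1",
    "from b.example (b.example [192.0.2.2]) (using TLSv1.2 with cipher NULL-SHA (0/0 bits)) by mx.example (Postfix) with ESMTPS id X2",
    "from c.example (c.example [192.0.2.3]) (using TLSv1.2 with cipher ADH-AES128-SHA (128/128 bits)) by mx.example (Postfix) with ESMTPS id X3",
    "from d.example (d.example [192.0.2.4]) by mx.example (Postfix) with ESMTP id X4",
]

if __name__ == "__main__":
    for cipher, verdict in audit_received(SAMPLE):
        print(cipher, verdict)
```
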