Re: [ietf-smtp] why are we reinventing mta-sts ?
Keith Moore <moore@network-heretics.com> Mon, 07 October 2019 20:50 UTC
Return-Path: <moore@network-heretics.com>
X-Original-To: ietf-smtp@ietfa.amsl.com
Delivered-To: ietf-smtp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9754D12008A for <ietf-smtp@ietfa.amsl.com>; Mon, 7 Oct 2019 13:50:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ujp6xjhAtZFw for <ietf-smtp@ietfa.amsl.com>; Mon, 7 Oct 2019 13:50:08 -0700 (PDT)
Received: from wout3-smtp.messagingengine.com (wout3-smtp.messagingengine.com [64.147.123.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0203A120020 for <ietf-smtp@ietf.org>; Mon, 7 Oct 2019 13:50:08 -0700 (PDT)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 464C946D; Mon, 7 Oct 2019 16:50:07 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Mon, 07 Oct 2019 16:50:07 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=WtmW5Z wPyxy9x5RuOgdWxQpZJL3ySDLHm/dtHcWc5pw=; b=ZK/e569lm4CY+lhOTaPRZz TuMhTNZoDR4LGg1zVrzcIHvxl/8+ILZgKCz/pizkskpYkv7u1HGu+sxqdzec7gbk 00HebRFtBcxEeUfcHNkTvEMv6fIqlywIsll47cLchXFCloQboTNc+mwmIFZbChLq EuEFWEY38gZ2Nt8/Z40TB+/AEVv9Bcpdxy77KHptX76merXrOeXkariW7Iqd0iSX 1Q+CxABQUgOCXXgX2TC7GcHTOSuijV9PjWvA2uZmtUYbEZfxScPunayusHZ7Epgr e4nXSeCvMqgq9DNPV3EHLeao8spJWiRBGQUQeZ1S0BDRQsAUWvr81J03jCQzmAdQ ==
X-ME-Sender: <xms:_aSbXeQ3bDna9WuGoSPyd03elfe5rYJ5l8-6UYUxXYywtvrYlzliWA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedrheejgddugeduucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepuffvfhfhkffffgggjggtsegrtderredtfeejnecuhfhrohhmpefmvghithhh ucfoohhorhgvuceomhhoohhrvgesnhgvthifohhrkhdqhhgvrhgvthhitghsrdgtohhmqe enucffohhmrghinhepvgigrghmphhlvgdrtghomhenucfkphepuddtkedrvddvuddrudek tddrudehnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmohhorhgvsehnvghtfihorhhkqd hhvghrvghtihgtshdrtghomhenucevlhhushhtvghrufhiiigvpedt
X-ME-Proxy: <xmx:_aSbXRINO39CInsiVEnoj44K3J3qAr9jw1LYeLWew9DoE4NKGvV4lw> <xmx:_aSbXVXN7KRgEkMLLUjyHvwK1ymZOT16hWo3GWRUHlG1Y1rGAKlOSQ> <xmx:_aSbXVSNJIMpsKzjXt7nKLXDdvxqEpqsBuxEgYwDHMEU_8IXmDDrvg> <xmx:_qSbXQKcxZ3ILihzlQ0IOA6cznypZe8M47ZVLY2V8unmpCh396oFFQ>
Received: from [192.168.1.97] (108-221-180-15.lightspeed.knvltn.sbcglobal.net [108.221.180.15]) by mail.messagingengine.com (Postfix) with ESMTPA id 2195580063; Mon, 7 Oct 2019 16:50:05 -0400 (EDT)
To: Viruthagiri Thirumavalavan <giri@dombox.org>, John R Levine <johnl@taugh.com>
Cc: SMTP Discuss <ietf-smtp@ietf.org>
References: <20191007162824.64ED8BB6CA1@ary.qy> <53D231EA-D749-4437-9759-6F1B3ECC6142@network-heretics.com> <alpine.OSX.2.21.99999.368.1910071506250.38715@ary.qy> <CAOEezJQt-6GNJ08MsZ5PUOBD6mf9CBXc8duu7xVLDxirzeqauQ@mail.gmail.com>
From: Keith Moore <moore@network-heretics.com>
Message-ID: <5b90d08f-8277-6c50-d069-4709880f932f@network-heretics.com>
Date: Mon, 07 Oct 2019 16:50:03 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <CAOEezJQt-6GNJ08MsZ5PUOBD6mf9CBXc8duu7xVLDxirzeqauQ@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------47D684CC5D5F1E152C9AE307"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/9KxfwRVulU4G6pZowhzFJAySrsw>
Subject: Re: [ietf-smtp] why are we reinventing mta-sts ?
X-BeenThere: ietf-smtp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <ietf-smtp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-smtp/>
List-Post: <mailto:ietf-smtp@ietf.org>
List-Help: <mailto:ietf-smtp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Oct 2019 20:50:10 -0000
On 10/7/19 4:37 PM, Viruthagiri Thirumavalavan wrote: > If you can figure out a backward compatible way for authoritative DNS > servers to signal that they support DoT without a lot of > performance loss > (e.g., a failed probe to port 853 on every query to a non-DoT > server), a > lot of people over in dnsop would like to hear about it. > > > How about adding a prefix or label just like our solution for the > authoritative DNS servers that support DoT? > > ns1.example.com <http://ns1.example.com> => dot-ns1.example.com > <http://dot-ns1.example.com> OR _dot.ns1.example.com > <http://dot.ns1.example.com> I was thinking more in terms of a new DNS RR type: example.com DOTNS ns1.example.com And change DNS servers to return DOTNS records as additional information in the same circumstances as they return NS records. That way the DOTNS records get automatically discovered in exactly the same way that NS records do. Of course you want the DOTNS records to be signed with DNSSEC but this is less of a problem for RRs in TLD and SLD zones than it is for DNS zones in general. Keith
- Re: [ietf-smtp] why are we reinventing mta-sts ? John R Levine
- Re: [ietf-smtp] why are we reinventing mta-sts ? Claus Assmann
- Re: [ietf-smtp] why are we reinventing mta-sts ? Keith Moore
- Re: [ietf-smtp] why are we reinventing mta-sts ? John Levine
- Re: [ietf-smtp] why are we reinventing mta-sts ? Daniel Margolis
- Re: [ietf-smtp] why are we reinventing mta-sts ? Keith Moore
- Re: [ietf-smtp] why are we reinventing mta-sts ? Viruthagiri Thirumavalavan
- Re: [ietf-smtp] why are we reinventing mta-sts ? Viruthagiri Thirumavalavan
- Re: [ietf-smtp] why are we reinventing mta-sts ? John Levine
- Re: [ietf-smtp] why are we reinventing mta-sts ? Keith Moore
- Re: [ietf-smtp] why are we reinventing mta-sts ? Дилян Палаузов
- Re: [ietf-smtp] why are we reinventing mta-sts ? John Levine
- Re: [ietf-smtp] why are we reinventing mta-sts ? Viruthagiri Thirumavalavan
- Re: [ietf-smtp] why are we reinventing mta-sts ? Valdis Kl=?utf-8?Q?=c4=93?=tnieks
- Re: [ietf-smtp] why are we reinventing mta-sts ? Viruthagiri Thirumavalavan
- Re: [ietf-smtp] why are we reinventing mta-sts ? Keith Moore
- Re: [ietf-smtp] why are we reinventing mta-sts ? John R Levine
- Re: [ietf-smtp] why are we reinventing mta-sts ? Stan Kalisch
- Re: [ietf-smtp] why are we reinventing mta-sts ? Daniel Margolis
- Re: [ietf-smtp] why are we reinventing mta-sts ? Keith Moore
- Re: [ietf-smtp] why are we reinventing mta-sts ? Viruthagiri Thirumavalavan
- Re: [ietf-smtp] why are we reinventing mta-sts ? Keith Moore
- Re: [ietf-smtp] why are we reinventing mta-sts ? Viruthagiri Thirumavalavan
- Re: [ietf-smtp] why are we reinventing mta-sts ? Rich Kulawiec
- Re: [ietf-smtp] why are we reinventing mta-sts ? John Levine
- Re: [ietf-smtp] why are we reinventing mta-sts ? Tony Finch
- Re: [ietf-smtp] why are we reinventing mta-sts ? Keith Moore
- Re: [ietf-smtp] why are we reinventing mta-sts ? Tony Finch
- Re: [ietf-smtp] why are we reinventing mta-sts ? Valdis Kl=?utf-8?Q?=c4=93?=tnieks
- Re: [ietf-smtp] why are we reinventing mta-sts ? Viruthagiri Thirumavalavan
- Re: [ietf-smtp] MTA-STS scale (was: why are we re… Viktor Dukhovni
- Re: [ietf-smtp] why are we reinventing mta-sts ? Rich Kulawiec
- Re: [ietf-smtp] why are we reinventing mta-sts ? John Levine
- Re: [ietf-smtp] why are we reinventing mta-sts ? Hector Santos
- Re: [ietf-smtp] why are we reinventing mta-sts ? Viktor Dukhovni
- Re: [ietf-smtp] why are we reinventing mta-sts ? John Levine
- Re: [ietf-smtp] [OT] (signed TLDs) Viktor Dukhovni
- Re: [ietf-smtp] [OT] (signed TLDs) John Levine
- Re: [ietf-smtp] [OT] (signed TLDs) John Levine
- Re: [ietf-smtp] [OT] (signed TLDs) Viktor Dukhovni
- Re: [ietf-smtp] [OT] (signed TLDs) John Levine
- Re: [ietf-smtp] [OT] (signed TLDs) Viktor Dukhovni
- Re: [ietf-smtp] [OT] (signed TLDs) John Levine
- Re: [ietf-smtp] [OT] (signed TLDs) Viktor Dukhovni
- Re: [ietf-smtp] [OT] (signed TLDs) Tony Finch
- Re: [ietf-smtp] [OT] (signed TLDs) John R Levine
- Re: [ietf-smtp] [OT] (signed TLDs) Tony Finch
- Re: [ietf-smtp] [OT] (signed TLDs) Hector Santos
- Re: [ietf-smtp] [OT] (signed TLDs) Arnt Gulbrandsen
- Re: [ietf-smtp] [OT] (signed TLDs) Valdis Kl=?utf-8?Q?=c4=93?=tnieks
- Re: [ietf-smtp] [OT] (signed TLDs) Hector Santos
- Re: [ietf-smtp] [OT] (signed TLDs) Keith Moore
- Re: [ietf-smtp] [OT] (signed TLDs) John Levine
- Re: [ietf-smtp] [OT] (signed TLDs) Mark Andrews
- Re: [ietf-smtp] [OT] (signed TLDs) Viktor Dukhovni
- Re: [ietf-smtp] [OT] (signed TLDs) Hector Santos
- [ietf-smtp] HTTPS degrading (was: [OT] (signed TL… Keith Moore
- Re: [ietf-smtp] [OT] (signed TLDs) Tony Finch
- Re: [ietf-smtp] HTTPS degrading Hector Santos