Re: [ietf-smtp] Endless debate on IP literals
Keith Moore <moore@network-heretics.com> Fri, 03 January 2020 04:33 UTC
Return-Path: <moore@network-heretics.com>
X-Original-To: ietf-smtp@ietfa.amsl.com
Delivered-To: ietf-smtp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BDB61200B4 for <ietf-smtp@ietfa.amsl.com>; Thu, 2 Jan 2020 20:33:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z9i7WjKBkLAG for <ietf-smtp@ietfa.amsl.com>; Thu, 2 Jan 2020 20:33:37 -0800 (PST)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E316812003E for <ietf-smtp@ietf.org>; Thu, 2 Jan 2020 20:33:36 -0800 (PST)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id D903A2217D; Thu, 2 Jan 2020 23:33:35 -0500 (EST)
Received: from mailfrontend2 ([10.202.2.163]) by compute6.internal (MEProxy); Thu, 02 Jan 2020 23:33:35 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=sbEGg5oVei8vHX8E9BouG7xzBXBMM7BhMPS3L7jqV Ok=; b=ygZ43XSoppZF83e8y9MleGSrjv4qTa1dcYC5DAS/p/d9I+9ytu3NLNXj8 wqIjCPT3+LE6VRBTL4WQsbK5KPULnudTri2R9O16FJV/FQhFIe6UUE6llTRgDHKo m0VbmvVvRadFYRJ1alPTc6k8zRuOhABQF6Mz4JZwp1GmOiJosEqYKbwUWHcMlNeX OecfUcLeT6pfE3KqyUftsYAyokunbqocwwTrgvECqzGOpCG2KO+8N0UAZKJBL0h3 VHFNLqZgt+v5xOgNix+6cPsGBBjX4/MwRA9ZX1SL++Qcg7akEnJK6N1dtmwWVJYd feqHrzMNajEnl4rTEERNKQUuVhr/Q==
X-ME-Sender: <xms:H8QOXmmfDSrBHz0y0GseAkTqv2mKErb-CBTL4qocFpM8-jpNjP7DlA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedrvdegvddgieelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepuffvfhfhkffffgggjggtgfesthekredttdefjeenucfhrhhomhepmfgvihht hhcuofhoohhrvgcuoehmohhorhgvsehnvghtfihorhhkqdhhvghrvghtihgtshdrtghomh eqnecukfhppedutdekrddvvddurddukedtrdduheenucfrrghrrghmpehmrghilhhfrhho mhepmhhoohhrvgesnhgvthifohhrkhdqhhgvrhgvthhitghsrdgtohhmnecuvehluhhsth gvrhfuihiivgeptd
X-ME-Proxy: <xmx:H8QOXpxL_qBN56WPF_fv8_fWlfsw6gD5KCQLRz0wQJCHjOuvhDScyA> <xmx:H8QOXnt2lZ3NhDBGILAuDwNjaxgEc1Sobx6LoX6gWYhesNkoFsHq5g> <xmx:H8QOXl-kSXTBosk5b-D73AlA2tLK46Ts_OvWQfBHf_unYzv24gkEmw> <xmx:H8QOXi6aU6SYzwk7lr64uJmUofGj4ac7cQHciZdOe0tuRf_Ng49Log>
Received: from [192.168.1.97] (108-221-180-15.lightspeed.knvltn.sbcglobal.net [108.221.180.15]) by mail.messagingengine.com (Postfix) with ESMTPA id 2F4BE30600A8; Thu, 2 Jan 2020 23:33:35 -0500 (EST)
To: Ned Freed <ned.freed@mrochek.com>
Cc: ietf-smtp@ietf.org
References: <20200101183846.38F7811E2E72@ary.qy> <64f30fa9-ab2a-fe48-f324-426ed48b7091@network-heretics.com> <20200101193816.GP73491@straasha.imrryr.org> <b3f0f5d9-a433-b83a-b032-b726ddd8919a@network-heretics.com> <01RFPO42TK1E000059@mauve.mrochek.com>
From: Keith Moore <moore@network-heretics.com>
Message-ID: <c4864d26-9c54-fa6c-a844-2a6337aa8fa5@network-heretics.com>
Date: Thu, 02 Jan 2020 23:33:33 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0
MIME-Version: 1.0
In-Reply-To: <01RFPO42TK1E000059@mauve.mrochek.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/oziQ64An0PTqu2UitWMq3fzpWcI>
Subject: Re: [ietf-smtp] Endless debate on IP literals
X-BeenThere: ietf-smtp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <ietf-smtp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-smtp/>
List-Post: <mailto:ietf-smtp@ietf.org>
List-Help: <mailto:ietf-smtp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Jan 2020 04:33:40 -0000
On 1/2/20 10:30 PM, Ned Freed wrote: > >> Are we going to specify port 25 for pre-submission and only use 587 for >> "real" submission? (and see another message about IP address >> authentication) > > I didn't think it was possible to do worse than the awful airport term > "pre-board" - which, as George Carlin noted, means to "get on before > you get > on". > > It seems I was wrong. (I always used to wonder about Dulles airport when they still used the "mobile lounges"... did you have to pre-pre-board those?) >> Not saying I like or dislike the idea - it strikes me that it might be >> the right answer but something still seems odd about it. > > There's absolutely no question that SUBMIT, as presently defined is > useless if > not actively inimical to a lot of IOT usage. But I don't think a > precursor > step to SUBMIT is the answer, no matter what you call it. Rather, it's > a submission service with a different profile. Offhand, I think I'm fine with that. > And I'm afraid everyone is going to have to accept authorization by IP > as a > possibility, which, assertions to the contrary notwithstanding, scales > just > fine to cover tens of thousands of nodes at a minimum. I never said it didn't scale. I said it's too easy to defeat. Or maybe the "submission service with a different profile" needs to do some serious rate limiting to keep it from being used to inject too many messages into the system. >> TLS is somewhat problematic for various reasons. For devices not >> connected to the public Internet, updates are harder, including updates >> to the list of trusted CAs (since old certs will have expired). Also >> for machines that don't do DNS, TLS is still possible to use, but the >> client needs to know separately what name to use for certificate >> verification. (Then again, last time I tried to write a HTTP client >> for a PIC32- only two years ago- the available TLS library didn't even >> have certificate verification support, in other words, it was nearly >> useless for security purposes.) > > (I have no experience with the PIC32, but FWIW the situation with the > ESP32 is > better than what you describe.) I haven't wrestled with one of those yet. (On the PIC32 project I gave up after a month and put everything on an ARM-linux platform, which brought with it a completely different set of security issues of course.) > But this walks around the bigger problem, which is handling > certificate/key/password rotations and updates at scale. The tools > I've seen for this so far fail to impress. My working assumption is that the larger number of IP appliances on industrial networks simply don't get updated, in any form, during their working lifetimes. But it's hard to generalize because there are so many different industries with different ideas of standard practice. >> But I think challenge-response based on hashed passwords might be >> sufficient for purpose. > > The idea of using an actual PAKE does have it's attractions, although > the best > hash-only mechansism are probably sufficient. But there's still the > password > management problem. Yes. > >> Yes, but RFCs do influence how-to guides, MTA documentation and >> configuration settings, and IoT device setting screens. > > Exactly. This is why the business about removing support for IP > literals from > "relay SMTP" worries me: It could easily lead to servers being written > with the > capability removed entirely. So if you're going to do this, it needs > to be done > in a separate profile document (or whatever you want to call it). Agree. >> > Well, authentication requires credential management, ... so means for >> > example devices joining Kerberos domains, or manually provisioned with >> > passwords, ... For which the standards are much more diverse than >> SMTP. >> > If you're concerned about the complexity of configuring SMTP, then you >> > really don't want to contemplate securing the network. > > And flipping it around: You're not going to come up with a competent > service > profile without understanding cloud security mechanisms. Good point. Because of course there's a widespread expectation that I*oT devices should talk to services in the cloud. (I hope the "must use cloud" idea is a passing fad, it leads to a lot of shortsighted decisions.) Keith
- [ietf-smtp] Possible cont4ibution to moving forwa… John C Klensin
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… John C Klensin
- Re: [ietf-smtp] Possible cont4ibution to moving f… John C Klensin
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Possible cont4ibution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… John C Klensin
- Re: [ietf-smtp] Possible cont4ibution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Possible cont4ibution to moving f… Jeremy Harris
- Re: [ietf-smtp] Possible cont4ibution to moving f… Alessandro Vesely
- Re: [ietf-smtp] Possible contiibution to moving f… John C Klensin
- Re: [ietf-smtp] Possible contiibution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Possible contiibution to moving f… John C Klensin
- Re: [ietf-smtp] Possible contribution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Possible contribution to moving f… John C Klensin
- Re: [ietf-smtp] Possible contribution to moving f… S Moonesamy
- Re: [ietf-smtp] Possible cont4ibution to moving f… Barry Leiba
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… John Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… John Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… John R Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… Laura Atkins
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Laura Atkins
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Laura Atkins
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals John Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… Hector Santos
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- [ietf-smtp] It's not about IP-Literals, its about… Hector Santos
- Re: [ietf-smtp] Endless debate on IP literals John C Klensin
- Re: [ietf-smtp] Endless debate on IP literals John R Levine
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Jeremy Harris
- Re: [ietf-smtp] Endless debate on IP literals John R Levine
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals John R Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… John Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible contribution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Possible contribution to moving f… Keith Moore
- Re: [ietf-smtp] SMTP client certs John Levine
- Re: [ietf-smtp] Endless debate on IP literals John Levine
- Re: [ietf-smtp] Possible contribution to moving f… Richard Clayton
- Re: [ietf-smtp] Possible contribution to moving f… John Levine
- Re: [ietf-smtp] Possible contribution to moving f… Viktor Dukhovni
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Possible contribution to moving f… Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals John R Levine
- Re: [ietf-smtp] Endless debate on IP literals Viktor Dukhovni
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals John Levine
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Possible contribution to moving f… Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals John Levine
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals Viktor Dukhovni
- Re: [ietf-smtp] Endless debate on IP literals Alessandro Vesely
- Re: [ietf-smtp] Possible contribution to moving f… Hector Santos
- Re: [ietf-smtp] Possible contribution to moving f… Hector Santos
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Hector Santos
- Re: [ietf-smtp] Endless debate on IP literals Hector Santos
- Re: [ietf-smtp] Endless debate on IP literals John R Levine
- Re: [ietf-smtp] Possible contribution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Hector Santos
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- Re: [ietf-smtp] Possible contribution to moving f… John C Klensin
- Re: [ietf-smtp] Possible contribution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Arnt Gulbrandsen
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Possible contribution to moving f… Keith Moore
- Re: [ietf-smtp] Possible contribution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible contribution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Possible contribution to moving f… John C Klensin
- Re: [ietf-smtp] Possible contribution to moving f… Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… John Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… John Levine
- Re: [ietf-smtp] Possible contribution to moving f… Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Ned Freed
- Re: [ietf-smtp] Possible cont4ibution to moving f… Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Ned Freed
- Re: [ietf-smtp] Endless debate on IP literals Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- [ietf-smtp] lounging around Dave Crocker
- Re: [ietf-smtp] Endless debate on IP literals Keith Moore
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] Endless debate on IP literals John R Levine
- Re: [ietf-smtp] Possible cont4ibution to moving f… Keith Moore
- Re: [ietf-smtp] lounging around John Levine
- Re: [ietf-smtp] Endless debate on submission auth… John Levine
- Re: [ietf-smtp] lounging around John Levine
- Re: [ietf-smtp] lounging around Keith Moore
- Re: [ietf-smtp] lounging around Dave Crocker