Re: [dane] draft-fanf-dane-smtp

Paul Hoffman <paul.hoffman@vpnc.org> Sat, 02 June 2012 15:10 UTC

Subject: Re: [dane] draft-fanf-dane-smtp
From: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <1338606328.1728.64.camel@localhost>
Date: Sat, 02 Jun 2012 08:10:17 -0700
Cc: ietf-smtp@imc.org, IETF DANE WG list <dane@ietf.org>
Message-Id: <77C97071-7639-48F0-98AD-A1B6EF3F021A@vpnc.org>
References: <alpine.LSU.2.00.1205251812480.572@hermes-2.csi.cam.ac.uk> <1338435781.1728.29.camel@localhost> <B00413B4-1792-474D-9130-2249DACBB654@vpnc.org> <1338606328.1728.64.camel@localhost>
To: Matt McCutchen <matt@mattmccutchen.net>

On Jun 1, 2012, at 8:05 PM, Matt McCutchen wrote:

> I thought (and hoped) that TLSA was a generic protocol for
> authenticating a TLS service at a given (DNS name, transport, port),
> nothing more.  I didn't realize that subsequent documents would attach
> other semantics to TLSA RRsets.  Nothing in the DANE doc anticipates
> this.  (The clause, "Unless there is a protocol-specific specification
> that is different than this one", appears to me to refer to putting TLSA
> RRsets at a different owner name, not giving them different semantics.)
> I would oppose doing this, but it looks like I'm outvoted.

It was discussed on the DANE mailing list off and on over time, particularly with respect to SRV-using protocols. You may disagree with it and hope for different, but it should not be a surprise to you. We all know that a TLS-on-defined-port protocol is not the same as a TLS-after-upgrade protocol when the TLS handshake fails, and DANE by design gives a different way for the TLS handshake to fail.

>> I think HASTLS might be a good idea, but the IETF still needs to have
>> the discussion of layering of these types of announcements.
> 
> I think IETF should have that discussion before the WG commits to Tony's
> proposal for SMTP.

This draft is a great forcing function for the discussion. However, I will be shocked if the discussion comes to a fixed result any time soon.

>>> This approach is not going to work.  
>> 
>> It will work fine for everyone who doesn't do the "cover every port
>> and assume that no future protocol will ever define how specific
>> applications will use TLSA".
> 
> It's true that there was no strong support for ensuring that covering
> every port works.  

s/no strong support/no noticeable support/

> Though, if we intend to break it, section "A.2.1.3.
> Provisioning TLSA Records with Wildcards" of the DANE doc should be
> updated.

Disagree. The text in A.2.1.3 is still correct: it's only your interpretation of "if the port is covered, it must offer TLS" that is wrong.

> It's also true that I can't just expect the standard to support the
> features I want without slogging through the process of building
> consensus.  For now, I can have fun deploying records with the
> private-use certificate usage and implementing them in my client.


By all means let the mailing list know your experiences with that deployment. If DANE is anything like DNSSEC, we have muffed and understated many important features that will only be found by interesting deployment.

--Paul Hoffman




From ietf-secretariat@ietf.org  Mon Jun 18 08:09:58 2012
From: IETF Secretariat <ietf-secretariat@ietf.org>
To: IETF Announcement List <ietf-announce@ietf.org>
Message-ID: <20120618150957.13921.94840.idtracker@ietfa.amsl.com>
Date: Mon, 18 Jun 2012 08:09:57 -0700
Cc: barryleiba@computer.org, ietf-smtp@ietf.org
Subject: [ietf-smtp] New Non-WG Mailing List: ietf-smtp -- Discussion of issues related to Simple Mail Transfer Protocol (SMTP)

A new IETF non-working group email list has been created.

List address: ietf-smtp@ietf.org
Archive: http://www.ietf.org/mail-archive/web/ietf-smtp/
To subscribe: https://www.ietf.org/mailman/listinfo/ietf-smtp

Purpose: Discussion of issues related to Simple Mail Transfer Protocol
(SMTP) [RFC 821, RFC 2821, RFC 5321]

Notes: This replaces the existing ietf-smtp list hosted at imc.org, and
subscriptions will be automatically transferred from that list to this.

For additional information, please contact the list administrators.

From semtlenori@gmail.com  Thu Jun 21 09:25:43 2012
Message-ID: <4FE34B02.3000400@gmail.com>
Date: Fri, 22 Jun 2012 01:25:38 +0900
From: Yi EungJun <semtlenori@gmail.com>
To: ietf-smtp@ietf.org
Subject: [ietf-smtp] a protocol to negotiate protocol?

If this is not the right mailing list to ask my question, I apologize
for that. But I failed to find any mailing list which is better than this.

Configuring an MUA, like Thunderbird, iMail or Outlook, is quite annoying
for me because I have to know many configuration values: protocol,
hostname, port, username, password, authentication method or more.

If there is a protocol to negotiate the protocol to transport mails
between mail client and server, based on preferences or capabilities of
both sides, an MUA could configure itself automatically without asking
the user questions except mail address and password.

For example, the mail client asks the server (the domain part of the given
mail address) which protocol it can use, and the mail server replies that
SMTP and IMAP are acceptable, and then the mail client configures itself as
the server replies. Other configuration fields also could be filled in this way.

Does anyone know of a protocol like that?

From fanf2@hermes.cam.ac.uk  Thu Jun 21 11:20:57 2012
Date: Thu, 21 Jun 2012 19:20:55 +0100
From: Tony Finch <dot@dotat.at>
To: Yi EungJun <semtlenori@gmail.com>
In-Reply-To: <4FE34B02.3000400@gmail.com>
Message-ID: <alpine.LSU.2.00.1206211920310.18854@hermes-2.csi.cam.ac.uk>
References: <4FE34B02.3000400@gmail.com>
Cc: ietf-smtp@ietf.org
Subject: Re: [ietf-smtp] a protocol to negotiate protocol?

Yi EungJun <semtlenori@gmail.com> wrote:

> Does anyone know of a protocol like that?

RFC 6186

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
Viking, North Utsire, South Utsire, Northeast Forties: Easterly 4 or 5,
increasing 6 or 7, perhaps gale 8 later, except in North Utsire. Slight,
becoming moderate or rough, except in North Utsire. Occasional rain. Moderate
or good.

From arnt@gulbrandsen.priv.no  Fri Jun 22 01:24:41 2012
Message-Id: <4FE42BC7.8030008@gulbrandsen.priv.no>
Date: Fri, 22 Jun 2012 10:24:39 +0200
From: Arnt Gulbrandsen <arnt@gulbrandsen.priv.no>
To: ietf-smtp@ietf.org
References: <4FE34B02.3000400@gmail.com> <alpine.LSU.2.00.1206211920310.18854@hermes-2.csi.cam.ac.uk>
In-Reply-To: <alpine.LSU.2.00.1206211920310.18854@hermes-2.csi.cam.ac.uk>
Subject: Re: [ietf-smtp] a protocol to negotiate protocol?

> RFC 6186

While I greatly applaud that document in every detail, I do wonder... 
why do clients ask the user whether to use TLS? whether to use C=D? 
whether to perform plaintext or SASL authentication?

Arnt

From fanf2@hermes.cam.ac.uk  Fri Jun 22 04:00:59 2012
Date: Fri, 22 Jun 2012 12:00:56 +0100
From: Tony Finch <dot@dotat.at>
To: Arnt Gulbrandsen <arnt@gulbrandsen.priv.no>
In-Reply-To: <4FE42BC7.8030008@gulbrandsen.priv.no>
Message-ID: <alpine.LSU.2.00.1206221145030.18854@hermes-2.csi.cam.ac.uk>
References: <4FE34B02.3000400@gmail.com> <alpine.LSU.2.00.1206211920310.18854@hermes-2.csi.cam.ac.uk> <4FE42BC7.8030008@gulbrandsen.priv.no>
Cc: ietf-smtp@ietf.org
Subject: Re: [ietf-smtp] a protocol to negotiate protocol?

Arnt Gulbrandsen <arnt@gulbrandsen.priv.no> wrote:

> > RFC 6186
>
> While I greatly applaud that document in every detail, I do wonder... why do
> clients ask the user whether to use TLS? whether to use C=D? whether to
> perform plaintext or SASL authentication?

I've been wondering that for at least seven years.
http://fanf.livejournal.com/39428.html

I'm currently trying to write draft-fanf-dane-mua which will update RFC
6186 to specify how it is affected by DNSSEC and how to use TLSA records.
It will use TLSA records to indicate that STARTTLS is supported on the
cleartext ports, and encourage MUAs to use that for autoconfiguration.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
South German Bight, Humber, Thames, Dover: Southwesterly 6 to gale 8,
occasionally severe gale 9 in Thames and Dover. Moderate or rough. Squally
showers. Moderate.
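
Added example, not part of the thread and not code from RFC 6186 or either draft: a client-side model of the autoconfiguration discussed above, in which RFC 6186 SRV answers pick the server and a DNSSEC-validated TLSA RRset at the cleartext port is treated as a signal that STARTTLS must succeed. The names `choose` and `next_step`, the policy labels, and the sample DNS data are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# RFC 6186 service labels: label -> (protocol, TLS-on-connect?)
LABELS = {
    "_imaps._tcp": ("imap", True), "_imap._tcp": ("imap", False),
    "_pop3s._tcp": ("pop3", True), "_pop3._tcp": ("pop3", False),
    "_submission._tcp": ("submission", False),
}

@dataclass(frozen=True)
class SRV:
    priority: int
    weight: int
    port: int
    target: str

@dataclass(frozen=True)
class Choice:
    host: str
    port: int
    tls: str   # "implicit", "starttls-required" or "starttls-if-offered"
    auth: str  # "dane" (match TLSA) or "pkix" (ordinary CA validation)

def tlsa_owner(host, port):
    """TLSA owner name for a TCP service: _<port>._tcp.<host>."""
    return f"_{port}._tcp.{host.rstrip('.')}."

def choose(domain, protocol, srv_answers, secure_tlsa):
    """Pick a server for one protocol.

    srv_answers: owner name -> (dnssec_validated, [SRV, ...])
    secure_tlsa: owner names whose TLSA RRset validated under DNSSEC
    Both stand in for a validating resolver (assumption of this example).
    """
    candidates = []
    for label, (proto, implicit) in LABELS.items():
        if proto != protocol:
            continue
        validated, rrset = srv_answers.get(f"{label}.{domain}.", (False, []))
        for rr in rrset:
            if rr.target == ".":  # RFC 2782: service explicitly not offered
                continue
            candidates.append((rr.priority, implicit, validated, rr))
    if not candidates:
        return None
    # Lowest priority wins; on a tie prefer TLS-on-connect. Weight-based
    # random selection (RFC 2782) is skipped to keep the result deterministic.
    _, implicit, validated, rr = min(candidates, key=lambda c: (c[0], not c[1]))
    host = rr.target.rstrip(".")
    # An unsigned SRV answer could point at any host, so a TLSA record is
    # only honoured when the SRV RRset that named the host also validated.
    has_tlsa = validated and tlsa_owner(host, rr.port) in secure_tlsa
    if implicit:
        tls = "implicit"
    elif has_tlsa:
        tls = "starttls-required"
    else:
        tls = "starttls-if-offered"
    return Choice(host, rr.port, tls, "dane" if has_tlsa else "pkix")

def next_step(choice, server_offers_starttls):
    """What the client does after reading the server's capability list."""
    if choice.tls == "implicit":
        return "tls-already-up"
    if server_offers_starttls:
        return "starttls"
    # Capability missing: with a TLSA signal this is treated as stripping.
    return "abort" if choice.tls == "starttls-required" else "no-tls"

# Constructed sample data for example.org (not from the thread).
SAMPLE_SRV = {
    "_imaps._tcp.example.org.": (True, [SRV(0, 0, 0, ".")]),
    "_imap._tcp.example.org.": (True, [SRV(10, 1, 143, "imap.example.org.")]),
    "_submission._tcp.example.org.": (True, [SRV(0, 1, 587, "smtp.example.org.")]),
}
SAMPLE_TLSA = {"_143._tcp.imap.example.org."}

if __name__ == "__main__":
    for proto in ("imap", "pop3", "submission"):
        print(proto, choose("example.org", proto, SAMPLE_SRV, SAMPLE_TLSA))
```
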

From john+smtp@jck.com  Fri Jun 22 07:54:43 2012
Date: Fri, 22 Jun 2012 10:54:28 -0400
From: John C Klensin <john+smtp@jck.com>
To: Tony Finch <dot@dotat.at>, Yi EungJun <semtlenori@gmail.com>
Message-ID: <E4F9526CC9F2F1E7DED059D3@JcK-HP8200.jck.com>
In-Reply-To: <alpine.LSU.2.00.1206211920310.18854@hermes-2.csi.cam.ac.uk>
References: <4FE34B02.3000400@gmail.com> <alpine.LSU.2.00.1206211920310.18854@hermes-2.csi.cam.ac.uk>
Cc: ietf-smtp@ietf.org
Subject: Re: [ietf-smtp] a protocol to negotiate protocol?

--On Thursday, June 21, 2012 19:20 +0100 Tony Finch
<dot@dotat.at> wrote:

> Yi EungJun <semtlenori@gmail.com> wrote:
> 
>> Does anyone know of a protocol like that?
> 
> RFC 6186

Or, if you merely need the relevant parameters, RFCs 2244 and
6075.

   john




From fanf2@hermes.cam.ac.uk  Wed Jun 27 12:15:05 2012
Date: Wed, 27 Jun 2012 20:15:02 +0100
From: Tony Finch <dot@dotat.at>
To: imapext@ietf.org, ietf-smtp@ietf.org
Message-ID: <alpine.LSU.2.00.1206272013140.23668@hermes-2.csi.cam.ac.uk>
Subject: [ietf-smtp] draft-fanf-dane-mua-00

The below should be of interest to members of these lists too.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
Humber, Thames: South or southeast 3 or 4, occasionally 5 later. Slight or
moderate. Thundery showers, fog patches. Moderate, occasionally very poor.

---------- Forwarded message ----------
Date: Wed, 27 Jun 2012 20:09:56 +0100
From: Tony Finch <dot@dotat.at>
To: dane@ietf.org
Subject: [dane] draft-fanf-dane-mua-00

At long last, I have got what I hope is a plausible spec for using DANE
with IMAP, POP3, and message submission. I think my main struggle was
working out what I did not need to put in the document. The compatibility
bits are particularly tricky. The structure owes a fair amount to Matt
Miller and PSA's XMPP draft, and to RFC 6186.

I have also made a minor revision to my other draft which is now
draft-fanf-dane-smtp-04. This is mainly to flag up points for discussion
in Vancouver.

All questions / comments / suggestions welcome!

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
Trafalgar: Variable mainly northwesterly 3 or 4, but easterly 5 to 7 at first
in far southeast. Rough at first in far southeast, otherwise slight or
moderate. Showers, fog patches. Moderate or good, occasionally very poor.

---------- Forwarded message ----------
Date: Wed, 27 Jun 2012 11:58:10 -0700
From: internet-drafts@ietf.org
To: dot@dotat.at
Subject: New Version Notification for draft-fanf-dane-mua-00.txt

A new version of I-D, draft-fanf-dane-mua-00.txt
has been successfully submitted by Tony Finch and posted to the
IETF repository.

Filename:	 draft-fanf-dane-mua
Revision:	 00
Title:		 DNSSEC and TLSA records for IMAP, POP3, and message submission
Creation date:	 2012-06-27
WG ID:		 Individual Submission
Number of pages: 8
URL:             http://www.ietf.org/internet-drafts/draft-fanf-dane-mua-00.txt
Status:          http://datatracker.ietf.org/doc/draft-fanf-dane-mua
Htmlized:        http://tools.ietf.org/html/draft-fanf-dane-mua-00

Abstract:
   This specification describes the effect that DNSSEC has on SRV-based
   autoconfiguration and TLS certificate verification in the mail user
   agent protocols IMAP, POP3, and message submission.  It also
   describes how to use TLSA DNS records to provide stronger
   authentication of server TLS certificates.

The IETF Secretariat