Re: More haste, less speed.

Viktor Dukhovni <ietf-dane@dukhovni.org> Mon, 06 March 2017 21:30 UTC

Subject: Re: More haste, less speed.
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
In-Reply-To: <CAMm+LwjWqXg_EA7_0aT5DagZv4YirreUv1wKGAtBir01WwMT5Q@mail.gmail.com>
Date: Mon, 06 Mar 2017 16:30:30 -0500
Message-Id: <205292A2-2134-4DAA-BE0E-E76487A615E4@dukhovni.org>
References: <CAMm+Lwg1dvzMSKbWwoF0V6ZM5Q5_WVYxvpV=4_u=T0OTjCPxPQ@mail.gmail.com> <DF91F5B4-D8A0-4569-9011-3C3E38C71F07@dukhovni.org> <CAMm+LwjWqXg_EA7_0aT5DagZv4YirreUv1wKGAtBir01WwMT5Q@mail.gmail.com>
To: IETF general list <ietf@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/EqKg9lN_M2GnJJw8UoDoG5joJp8>

> On Mar 6, 2017, at 3:12 PM, Phillip Hallam-Baker <phill@hallambaker.com> wrote:
> 
> Again, you are mistaken.

I think you meant to say that you disagree, at least in general, but that your
experience in the SMTP space is more limited, so I might be right in the SMTP case.

> Security Policy can benefit from DNSSEC but it absolutely does not require DNSSEC
> to provide value.

This is not true for SMTP, which is vulnerable to downgrade attacks if the security
policy is not made tamper-resistant.

> Since the current Internet security policy is to require no security, any policy
> publication mechanism adds value over the baseline.

Yes, against passive attacks, but STARTTLS is already sufficient for that.

-- 
	Viktor.
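The SMTP argument above (downgrade risk without a tamper-resistant policy; STARTTLS already covering the passive case), as an added decision model that is not code from the thread or from any participant. It assumes an abstract "require TLS" policy record in the style of a DANE TLSA lookup and an attacker model in which an active on-path party can rewrite the EHLO reply and any record not protected by DNSSEC; these are constructed assumptions, and no network traffic is involved.

```python
"""Decision model for an SMTP client negotiating STARTTLS under different
security-policy regimes (constructed illustration, no real network I/O)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Observed:
    """What the client actually receives, after any on-path interference."""
    ehlo: tuple              # EHLO reply keywords as received
    policy_record: bool      # a "require TLS" policy record for the domain arrived
    dnssec_validated: bool   # ...and it came with a validated DNSSEC chain


def honest_view(publishes_policy: bool, dnssec_signed: bool) -> Observed:
    """Server offers STARTTLS; the domain may publish a policy, signed or not.
    A passive eavesdropper sees this exchange but cannot alter it."""
    return Observed(("PIPELINING", "STARTTLS"),
                    publishes_policy, publishes_policy and dnssec_signed)


def under_active_attacker(view: Observed) -> Observed:
    """Assumed attacker model: an active on-path party removes STARTTLS from
    the EHLO reply and suppresses any policy record that is not
    integrity-protected. A DNSSEC-validated record survives, because a
    forged denial of its existence fails validation at the client."""
    ehlo = tuple(k for k in view.ehlo if k != "STARTTLS")
    keep = view.policy_record and view.dnssec_validated
    return Observed(ehlo, keep, keep)


def decide(view: Observed) -> str:
    """Client logic: 'tls' if offered; otherwise 'refuse' when a policy record
    demands TLS, else fall back to 'plaintext' (opportunistic STARTTLS).
    The client honours whatever record it received, validated or not."""
    if "STARTTLS" in view.ehlo:
        return "tls"
    return "refuse" if view.policy_record else "plaintext"


def outcomes() -> dict:
    """Verdict for each (policy regime, attacker model) pair."""
    regimes = {"no policy": (False, False),
               "unauthenticated policy": (True, False),
               "dnssec policy": (True, True)}
    result = {}
    for name, (publishes, signed) in regimes.items():
        honest = honest_view(publishes, signed)
        result[(name, "passive")] = decide(honest)
        result[(name, "active")] = decide(under_active_attacker(honest))
    return result
```

Against a passive observer every regime negotiates TLS, so a policy adds nothing there; against an active attacker only the DNSSEC-validated policy turns a silent plaintext fallback into a refusal.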