IETF Logo Mail Archive

Re: IETF mail server and SSLv3

tom p. <daedulus@btconnect.com> Tue, 26 January 2016 17:06 UTC

Return-Path: <daedulus@btconnect.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31BB11A9059; Tue, 26 Jan 2016 09:06:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.799
X-Spam-Level:
X-Spam-Status: No, score=0.799 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Pe1JIVHuEc-P; Tue, 26 Jan 2016 09:06:31 -0800 (PST)
Received: from emea01-db3-obe.outbound.protection.outlook.com (mail-db3on0724.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe04::724]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 535F11A03F9; Tue, 26 Jan 2016 09:05:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector1-btconnect-com; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=lw4UCatoDgHVHitLNI2D6zFESkrEULdaNq9X8Ej7oWo=; b=eVXtUBAEGOtxem4Jw6ARC3OO7qBHemvsYZd7xsyLu4vDwktyh1+FKgRLIwToqyFAcK53eZv6QpKvA9TrcZkCT4BycfSfPGZWaWp4nXtSGBqARdnAt3fx2aatIK7r3wXVRBg7TOp7rnT2tIo/HGVmjBjXq6+gZsGPwmU6IaPNqV4=
Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=daedulus@btconnect.com;
Received: from pc6 (86.185.87.133) by AM4PR07MB1556.eurprd07.prod.outlook.com (10.165.249.12) with Microsoft SMTP Server (TLS) id 15.1.365.19; Tue, 26 Jan 2016 17:05:41 +0000
Message-ID: <000a01d1585b$60b68e60$4001a8c0@gateway.2wire.net>
From: "tom p." <daedulus@btconnect.com>
To: IETF Chair <chair@ietf.org>
References: <F38A9FEF-7DBB-4F40-860E-6CB425E5EEE3@ietf.org>
Subject: Re: IETF mail server and SSLv3
Date: Tue, 26 Jan 2016 17:02:38 +0000
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-Originating-IP: [86.185.87.133]
X-ClientProxiedBy: DB4PR05CA0028.eurprd05.prod.outlook.com (25.160.40.38) To AM4PR07MB1556.eurprd07.prod.outlook.com (25.165.249.12)
X-Microsoft-Exchange-Diagnostics: 1; AM4PR07MB1556; 2:dHdpHSUjvPbk0KleL8JAeG1r9NI7X96O0ZOTUBYGjkrq2SHGvNdOdWYv+IDGd7qHL//NP5DGppcB6+74R/oUiVYKGnYikkpNTXgTKS+pz9y30ysfnaH9jIDrwXmH9/NZwNlDeRh5b9feRJ/nCgdgcg==; 3:vog5fJbf12Wuu3YaWXmxbcqYYH/esFqH4CGlxGjMw4M7WjE2ly2ST/zQEQsqWK0ptEmzQgyzVHPl+zeVjOr+QYkSzmXsiIbi5ljr+98I7jwzhXR+7ukiqgjdwdEIeW7Z; 25:yb0tqT9+aLfG8Rlku/Xmzpf7EOsdf06EYMU32n+rhKgzphOQDxgBGNA3i330fFsbRvFnt56JKzuad1e2iOuEKhZNXxdmQU4TlFkO1zL7sazS1Ow2UC4UQFVEA1T0KObusu9IkuKak8ZN8SL4HDNw0W6GcK0KgW5mIyRpbnUHo8InSa66U8w2cS+7t9iOgfHWfLAJSZ0rYc0pNezEC9e9CIKZOpE0o0yDCHqaJs/DJav2LSvkxHrxLnySos7nqFqW; 4:WRLX2AaaK9TI6UqjYJeQ0w1/qRGFBj0l/61oxeh2O+b4OSn3FginB1rhMOcN1J7ZtF94nzI9QjUMMNu1Eq3NvgH8C+j5RCEa414JpGzAna4SbuIxMIzKJxvqJIlkzg0H6EPQezzvRUti0HnMgWfRrtdo+ipDFNFbb8iPKsu01IVeRKbzBcDV1Fzkl7ARHHaFt4ZJsvk3e/mBhhr2nuYJ5p/w2WqnQYhkZxP+XsrPWIzKwH4Up0wmjft6h2iLOHXIGnyGxR91F/a1OmaTcAkJQRdvZmFSUYK1P3F1H8hEuN6ZKHdnqv/B939Cm22NrE982LicYmyggUtvRi8cSLdahpFZv5JtUd4GXDKpBuYoy0sJ3i7qSzCAdrkgh5pNyo6w
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:AM4PR07MB1556;
X-MS-Office365-Filtering-Correlation-Id: 77ff53cd-af03-4e28-e192-08d32672ec08
X-Microsoft-Antispam-PRVS: <AM4PR07MB15563CFF6BD3425C07B5B5CCC6D80@AM4PR07MB1556.eurprd07.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:;
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(2401047)(520078)(8121501046)(5005006)(3002001)(10201501046); SRVR:AM4PR07MB1556; BCL:0; PCL:0; RULEID:; SRVR:AM4PR07MB1556;
X-Forefront-PRVS: 08331F819E
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(6009001)(189002)(377454003)(13464003)(199003)(84392002)(4326007)(116806002)(1556002)(2906002)(19580405001)(50466002)(122386002)(42186005)(92566002)(23756003)(33646002)(86362001)(40100003)(44736004)(5004730100002)(81156007)(97736004)(66066001)(50226001)(77096005)(110136002)(1096002)(61296003)(1456003)(450100001)(14496001)(230700001)(81686999)(5001960100002)(3846002)(50986999)(5008740100001)(19580395003)(6116002)(87976001)(189998001)(44716002)(81816999)(62236002)(105586002)(586003)(106356001)(101416001)(47776003)(76176999)(74416001)(7726001); DIR:OUT; SFP:1102; SCL:1; SRVR:AM4PR07MB1556; H:pc6; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:0; LANG:en;
Received-SPF: None (protection.outlook.com: btconnect.com does not designate permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: 1; AM4PR07MB1556; 23:tk85dIB6YljNpmo7DltDIS0Cm7APfrszs6kQ9lLgtgdWDjR98tO1EXh9B4v9z4+N3AUAyoA/UQK/lP5n51VZoRePzXDG1otRALI3rwXaK2K6mHWz0uvH1Z24s3DL6+vzyIfOq0TGRcsQVedevHYHLuan2dFJABnp3fc7c8NMvA7mvSQ8ntFcR2YZfLatAqweZtpeY4r6JH+OIjXplXinM/6YVKXP7rVpjK5F2gnydZsSBo2CrfLoVrPwqaDr42nCMvNdpZCE94RonqLTaoasRH6cjxbouyzx+psMnYo+jADIHNlRKWevufyPa/FpXqA6ZSKPzInGmRVELA2+hLMe1QLZk5fH91eKO+6JlUmPnIsFCLBFggqwhpwP6/51KwHrs+zoP0Ayz7rDMXLfm269BcJ25pf60IUVUqm/ZD3OXddNmM84PCbY4CFF13fXnGIYPvgwx8WsNFwZ8FQYEfzuXIVF9e5KPvBY7z/Ym5pcE2SFduJuNot8vNRjIjiyXTx9LSnyM2Ewi6OVgepxUJFKUpklAisl6dLE48nfZhgslfcNsUJfOgk/x4iByRPIrJlttr2RNoblbX9jtYUqRpafuHfP5W0rczWqQtqJy59CQ7yka6hH8bn+YjAwqg1HSCzbaOVxqP+WCU8Ck5C8J/hGuhUnwPVJVTKSJYvYUcb+fwisGGBboKs9JKT5H4i/pwtjJ7UFCyQRAfpTNVqcUMTdOyLFtVW/VXqeIKsZGUkqxWhZMjNxJO/lCM7bfO179jlZr0BNRWCuNVkZSQMld8h3cso8MqnpFDJ8ch5D4sNC51ASZEPlGGOzDYjIDp/SAB/TQpSqlTfGmI3VhTU4WsKkZPERxELIdMv8xm0sMVLcMjzMgxfIdRlmfJQz5DBeof6JxuuHX4Iuinfkprx8of9uSOXx2hHeoGS6Xe2JFEfUmUju7ZWg2hujGSp2kz95hIs7ZdqP+sdilsnoW+DFCZAU7jjajuyQZeGJX4hhLwQMhIho5C2pKziLjhSte30paitFaZqEI2UeGWl0Ckzs68IoEcRA26Pk5Mucl+H92RWWCNX9TKyYMBIBRV/Qd9+W8eVwQ/Apav29H7tgVOP1a16hy8YjqPoNkA3odKiXemreyIr/c2PUVX4W+4x/4rG/OOkicsuj/nwuEh+fUIW+P0X+tI704RzhyweQqKikqn8nADkZckt2XXWgFrJ5/cT9Gb48IC2UkgRjkrsmvH/hlq5Q2qbENziVptgYuDIlI1Xs4FqGSEwqPKN7gzoCIcMpazG6zAZLVkkBMLecv3/rURb+1TZ+0d94Sa/3P3WocJSixas=
X-Microsoft-Exchange-Diagnostics: 1; AM4PR07MB1556; 5:bo/BCn5rAu7OCVWvgG0UZgHyUtP6rFOGqy7vI9zbTcOeGHrLHzVAOzVv3oxKXoyHcrAPQFXPw1IIT9zlrxjc6r3tg4kLGMORVwc5/Mo2YkTUWu6/lTO0vS8fc4wjwJ0Ij/+R3Dp0FeFQgirxHIG9AQ==; 24:DT5sLdF4cx+umhvgt4q0ivl1dCL/bVOLFG4ZKSsccvdrRX6aWkVIdihWRVH3x0A4hfLuXHtSVG/3wu2rpSwx2xD5DqWgclPhboXhYLYxsX0=
SpamDiagnosticOutput: 1:23
SpamDiagnosticMetadata: NSPM
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2016 17:05:41.5316 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR07MB1556
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/qCE-22FBYljK7BID5YvhiWcwtRk>
Cc: IETF <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Jan 2016 17:06:34 -0000

---- Original Message -----
From: "IETF Chair" <chair@ietf.org>
To: "IETF Announcement List" <ietf-announce@ietf.org>
Cc: "IETF" <ietf@ietf.org>
Sent: Monday, January 25, 2016 7:39 PM

For your information, while SSLv3 has been disabled on IETF web servers,
it has still been enabled on mail transport. The tools is taking action
to disable SSLv3 even on mail transport. After this, all IETF web and
mail servers support only TLS-based transport on secure connections.

If you have any feedback regarding this, let me or the tools team know.

<tp>

It seems a somewhat strange executive decision.  e-mail, famously, is
not end-to-end so what happens between the IETF mail servers and
whatever E/ISP the IETF uses seems like a local decision that does not
affect the service I get (whereas what happens between my e-mail client
and the E/ISP that I use has a major impact on the service I get).

So this looks like an impressive sounding announcement in advancing the
field of privacy that actually does not mean very much.

Tom Petch



Jari Arkko, IETF Chair

v2.23.0 | Report a Bug | By Email