Re: IETF mail server and SSLv3
tom p. <daedulus@btconnect.com> Tue, 26 January 2016 17:06 UTC
Return-Path: <daedulus@btconnect.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31BB11A9059; Tue, 26 Jan 2016 09:06:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.799
X-Spam-Level:
X-Spam-Status: No, score=0.799 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Pe1JIVHuEc-P; Tue, 26 Jan 2016 09:06:31 -0800 (PST)
Received: from emea01-db3-obe.outbound.protection.outlook.com (mail-db3on0724.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe04::724]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 535F11A03F9; Tue, 26 Jan 2016 09:05:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector1-btconnect-com; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=lw4UCatoDgHVHitLNI2D6zFESkrEULdaNq9X8Ej7oWo=; b=eVXtUBAEGOtxem4Jw6ARC3OO7qBHemvsYZd7xsyLu4vDwktyh1+FKgRLIwToqyFAcK53eZv6QpKvA9TrcZkCT4BycfSfPGZWaWp4nXtSGBqARdnAt3fx2aatIK7r3wXVRBg7TOp7rnT2tIo/HGVmjBjXq6+gZsGPwmU6IaPNqV4=
Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=daedulus@btconnect.com;
Received: from pc6 (86.185.87.133) by AM4PR07MB1556.eurprd07.prod.outlook.com (10.165.249.12) with Microsoft SMTP Server (TLS) id 15.1.365.19; Tue, 26 Jan 2016 17:05:41 +0000
Message-ID: <000a01d1585b$60b68e60$4001a8c0@gateway.2wire.net>
From: "tom p." <daedulus@btconnect.com>
To: IETF Chair <chair@ietf.org>
References: <F38A9FEF-7DBB-4F40-860E-6CB425E5EEE3@ietf.org>
Subject: Re: IETF mail server and SSLv3
Date: Tue, 26 Jan 2016 17:02:38 +0000
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-Originating-IP: [86.185.87.133]
X-ClientProxiedBy: DB4PR05CA0028.eurprd05.prod.outlook.com (25.160.40.38) To AM4PR07MB1556.eurprd07.prod.outlook.com (25.165.249.12)
X-Microsoft-Exchange-Diagnostics: 1; AM4PR07MB1556; 2:dHdpHSUjvPbk0KleL8JAeG1r9NI7X96O0ZOTUBYGjkrq2SHGvNdOdWYv+IDGd7qHL//NP5DGppcB6+74R/oUiVYKGnYikkpNTXgTKS+pz9y30ysfnaH9jIDrwXmH9/NZwNlDeRh5b9feRJ/nCgdgcg==; 3:vog5fJbf12Wuu3YaWXmxbcqYYH/esFqH4CGlxGjMw4M7WjE2ly2ST/zQEQsqWK0ptEmzQgyzVHPl+zeVjOr+QYkSzmXsiIbi5ljr+98I7jwzhXR+7ukiqgjdwdEIeW7Z; 25:yb0tqT9+aLfG8Rlku/Xmzpf7EOsdf06EYMU32n+rhKgzphOQDxgBGNA3i330fFsbRvFnt56JKzuad1e2iOuEKhZNXxdmQU4TlFkO1zL7sazS1Ow2UC4UQFVEA1T0KObusu9IkuKak8ZN8SL4HDNw0W6GcK0KgW5mIyRpbnUHo8InSa66U8w2cS+7t9iOgfHWfLAJSZ0rYc0pNezEC9e9CIKZOpE0o0yDCHqaJs/DJav2LSvkxHrxLnySos7nqFqW; 4:WRLX2AaaK9TI6UqjYJeQ0w1/qRGFBj0l/61oxeh2O+b4OSn3FginB1rhMOcN1J7ZtF94nzI9QjUMMNu1Eq3NvgH8C+j5RCEa414JpGzAna4SbuIxMIzKJxvqJIlkzg0H6EPQezzvRUti0HnMgWfRrtdo+ipDFNFbb8iPKsu01IVeRKbzBcDV1Fzkl7ARHHaFt4ZJsvk3e/mBhhr2nuYJ5p/w2WqnQYhkZxP+XsrPWIzKwH4Up0wmjft6h2iLOHXIGnyGxR91F/a1OmaTcAkJQRdvZmFSUYK1P3F1H8hEuN6ZKHdnqv/B939Cm22NrE982LicYmyggUtvRi8cSLdahpFZv5JtUd4GXDKpBuYoy0sJ3i7qSzCAdrkgh5pNyo6w
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:AM4PR07MB1556;
X-MS-Office365-Filtering-Correlation-Id: 77ff53cd-af03-4e28-e192-08d32672ec08
X-Microsoft-Antispam-PRVS: <AM4PR07MB15563CFF6BD3425C07B5B5CCC6D80@AM4PR07MB1556.eurprd07.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:;
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(2401047)(520078)(8121501046)(5005006)(3002001)(10201501046); SRVR:AM4PR07MB1556; BCL:0; PCL:0; RULEID:; SRVR:AM4PR07MB1556;
X-Forefront-PRVS: 08331F819E
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(6009001)(189002)(377454003)(13464003)(199003)(84392002)(4326007)(116806002)(1556002)(2906002)(19580405001)(50466002)(122386002)(42186005)(92566002)(23756003)(33646002)(86362001)(40100003)(44736004)(5004730100002)(81156007)(97736004)(66066001)(50226001)(77096005)(110136002)(1096002)(61296003)(1456003)(450100001)(14496001)(230700001)(81686999)(5001960100002)(3846002)(50986999)(5008740100001)(19580395003)(6116002)(87976001)(189998001)(44716002)(81816999)(62236002)(105586002)(586003)(106356001)(101416001)(47776003)(76176999)(74416001)(7726001); DIR:OUT; SFP:1102; SCL:1; SRVR:AM4PR07MB1556; H:pc6; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:0; LANG:en;
Received-SPF: None (protection.outlook.com: btconnect.com does not designate permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: 1; AM4PR07MB1556; 23:tk85dIB6YljNpmo7DltDIS0Cm7APfrszs6kQ9lLgtgdWDjR98tO1EXh9B4v9z4+N3AUAyoA/UQK/lP5n51VZoRePzXDG1otRALI3rwXaK2K6mHWz0uvH1Z24s3DL6+vzyIfOq0TGRcsQVedevHYHLuan2dFJABnp3fc7c8NMvA7mvSQ8ntFcR2YZfLatAqweZtpeY4r6JH+OIjXplXinM/6YVKXP7rVpjK5F2gnydZsSBo2CrfLoVrPwqaDr42nCMvNdpZCE94RonqLTaoasRH6cjxbouyzx+psMnYo+jADIHNlRKWevufyPa/FpXqA6ZSKPzInGmRVELA2+hLMe1QLZk5fH91eKO+6JlUmPnIsFCLBFggqwhpwP6/51KwHrs+zoP0Ayz7rDMXLfm269BcJ25pf60IUVUqm/ZD3OXddNmM84PCbY4CFF13fXnGIYPvgwx8WsNFwZ8FQYEfzuXIVF9e5KPvBY7z/Ym5pcE2SFduJuNot8vNRjIjiyXTx9LSnyM2Ewi6OVgepxUJFKUpklAisl6dLE48nfZhgslfcNsUJfOgk/x4iByRPIrJlttr2RNoblbX9jtYUqRpafuHfP5W0rczWqQtqJy59CQ7yka6hH8bn+YjAwqg1HSCzbaOVxqP+WCU8Ck5C8J/hGuhUnwPVJVTKSJYvYUcb+fwisGGBboKs9JKT5H4i/pwtjJ7UFCyQRAfpTNVqcUMTdOyLFtVW/VXqeIKsZGUkqxWhZMjNxJO/lCM7bfO179jlZr0BNRWCuNVkZSQMld8h3cso8MqnpFDJ8ch5D4sNC51ASZEPlGGOzDYjIDp/SAB/TQpSqlTfGmI3VhTU4WsKkZPERxELIdMv8xm0sMVLcMjzMgxfIdRlmfJQz5DBeof6JxuuHX4Iuinfkprx8of9uSOXx2hHeoGS6Xe2JFEfUmUju7ZWg2hujGSp2kz95hIs7ZdqP+sdilsnoW+DFCZAU7jjajuyQZeGJX4hhLwQMhIho5C2pKziLjhSte30paitFaZqEI2UeGWl0Ckzs68IoEcRA26Pk5Mucl+H92RWWCNX9TKyYMBIBRV/Qd9+W8eVwQ/Apav29H7tgVOP1a16hy8YjqPoNkA3odKiXemreyIr/c2PUVX4W+4x/4rG/OOkicsuj/nwuEh+fUIW+P0X+tI704RzhyweQqKikqn8nADkZckt2XXWgFrJ5/cT9Gb48IC2UkgRjkrsmvH/hlq5Q2qbENziVptgYuDIlI1Xs4FqGSEwqPKN7gzoCIcMpazG6zAZLVkkBMLecv3/rURb+1TZ+0d94Sa/3P3WocJSixas=
X-Microsoft-Exchange-Diagnostics: 1; AM4PR07MB1556; 5:bo/BCn5rAu7OCVWvgG0UZgHyUtP6rFOGqy7vI9zbTcOeGHrLHzVAOzVv3oxKXoyHcrAPQFXPw1IIT9zlrxjc6r3tg4kLGMORVwc5/Mo2YkTUWu6/lTO0vS8fc4wjwJ0Ij/+R3Dp0FeFQgirxHIG9AQ==; 24:DT5sLdF4cx+umhvgt4q0ivl1dCL/bVOLFG4ZKSsccvdrRX6aWkVIdihWRVH3x0A4hfLuXHtSVG/3wu2rpSwx2xD5DqWgclPhboXhYLYxsX0=
SpamDiagnosticOutput: 1:23
SpamDiagnosticMetadata: NSPM
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2016 17:05:41.5316 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR07MB1556
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/qCE-22FBYljK7BID5YvhiWcwtRk>
Cc: IETF <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Jan 2016 17:06:34 -0000
---- Original Message ----- From: "IETF Chair" <chair@ietf.org> To: "IETF Announcement List" <ietf-announce@ietf.org> Cc: "IETF" <ietf@ietf.org> Sent: Monday, January 25, 2016 7:39 PM For your information, while SSLv3 has been disabled on IETF web servers, it has still been enabled on mail transport. The tools is taking action to disable SSLv3 even on mail transport. After this, all IETF web and mail servers support only TLS-based transport on secure connections. If you have any feedback regarding this, let me or the tools team know. <tp> It seems a somewhat strange executive decision. e-mail, famously, is not end-to-end so what happens between the IETF mail servers and whatever E/ISP the IETF uses seems like a local decision that does not affect the service I get (whereas what happens between my e-mail client and the E/ISP that I use has a major impact on the service I get). So this looks like an impressive sounding announcement in advancing the field of privacy that actually does not mean very much. Tom Petch Jari Arkko, IETF Chair
- Re: IETF mail server and SSLv3 Lixia Zhang
- Re: IETF mail server and SSLv3 John C Klensin
- Re: IETF mail server and SSLv3 John Levine
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Phillip Hallam-Baker
- IETF mail server and SSLv3 IETF Chair
- Re: IETF mail server and SSLv3 tom p.
- Re: IETF mail server and SSLv3 Phillip Hallam-Baker
- Re: IETF mail server and SSLv3 Jari Arkko
- Re: IETF mail server and SSLv3 Phillip Hallam-Baker
- Re: IETF mail server and SSLv3 Jari Arkko
- Re: IETF mail server and SSLv3 Derek Atkins
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 John C Klensin
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 ned+ietf
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 ned+ietf
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Phillip Hallam-Baker
- Re: IETF mail server and SSLv3 ned+ietf
- Re: IETF mail server and SSLv3 ned+ietf
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Phillip Hallam-Baker
- Re: IETF mail server and SSLv3 John C Klensin
- Re: IETF mail server and SSLv3 ned+ietf
- Re: IETF mail server and SSLv3 ned+ietf
- Re: IETF mail server and SSLv3 Lixia Zhang
- Re: IETF mail server and SSLv3 John C Klensin
- Re: IETF mail server and SSLv3 Martin Rex
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Solarus
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Solarus
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Martin Rex
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Russ Housley
- Re: IETF mail server and SSLv3 Randy Bush
- Re: IETF mail server and SSLv3 Stephen Farrell
- Re: IETF mail server and SSLv3 Phillip Hallam-Baker
- Re: IETF mail server and SSLv3 Viktor Dukhovni
- Re: IETF mail server and SSLv3 Doug Barton
- RE: IETF mail server and SSLv3 Christian Huitema