Re: [perpass] Another mail-related proposal
Paul Wouters <paul@cypherpunks.ca> Sat, 17 August 2013 21:26 UTC
Date: Sat, 17 Aug 2013 17:25:58 -0400
From: Paul Wouters <paul@cypherpunks.ca>
To: Jim Fenton <fenton@bluepopcorn.net>
Cc: perpass@ietf.org
Subject: Re: [perpass] Another mail-related proposal

On Sat, 17 Aug 2013, Jim Fenton wrote:

> There might be times when I'm interested in sending a message that I'd
> rather not be in the clear on the wire, and I'd rather that the message
> bounce rather than be sent in the clear. How about an SMTP option that
> allows a sender to specify whether the message transmission requires (1)
> TLS and (2) that the receiving MTA also enforce this option. It could
> also specify whether the recipient MTA is required to have a certificate
> trusted (e.g., via trust chain) by the sending MTA, or whether any TLS
> negotiation (e.g., self-signed cert) is OK.

I'd argue it the other way. If you publish an OPENPGPKEY/SMIMEKEY record,
then you ONLY want to receive encrypted email. The problem is trying to
prevent receiving it, as most email servers are message based and they
have to accept the full message before rejecting it, at which point the
cleartext has gone over the network and the NSA has a copy even if you
don't. The postfix TLSA record fails hard for this reason - but that's
the transport security, not data security.

Paul
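
The sender-side half of the policy discussed in this message (refuse rather than fall back to cleartext, with either a trusted certificate or any TLS accepted), as an added example that is not part of the original message or of any MTA's code. It uses Python's standard smtplib and ssl modules; the names TLSRequired, tls_context, decide and deliver are hypothetical, and the proposed option that would make the receiving MTA enforce the same requirement on later hops is not modelled.

```python
import smtplib
import ssl

class TLSRequired(Exception):
    """Raised instead of falling back to cleartext; the caller bounces the message."""

def tls_context(require_trusted_cert):
    """Client TLS context for the two certificate levels named in the proposal."""
    ctx = ssl.create_default_context()  # verifies chain and hostname by default
    if not require_trusted_cert:
        # "Any TLS negotiation is OK": still encrypt, but accept self-signed certs.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx

def decide(ehlo_features, require_tls):
    """Pick 'starttls' or 'cleartext' from the peer's EHLO keywords, or refuse."""
    if "starttls" in {name.lower() for name in ehlo_features}:
        return "starttls"
    if require_tls:
        raise TLSRequired("peer did not offer STARTTLS; refusing cleartext delivery")
    return "cleartext"

def deliver(mx_host, sender, rcpt, message, require_tls=True, require_trusted_cert=True):
    """Hand the message over only if the policy holds.

    The decision is made right after EHLO, so MAIL FROM and DATA are never
    issued on a connection that does not meet the sender's requirement.
    """
    with smtplib.SMTP(mx_host, 25, timeout=30) as smtp:
        smtp.ehlo()
        if decide(smtp.esmtp_features, require_tls) == "starttls":
            try:
                smtp.starttls(context=tls_context(require_trusted_cert))
            except (ssl.SSLError, smtplib.SMTPException) as exc:
                if require_tls:
                    raise TLSRequired(f"TLS negotiation failed: {exc}") from exc
                raise
        smtp.sendmail(sender, rcpt, message)

if __name__ == "__main__":
    # Constructed EHLO keyword sets, not captured from a real server.
    print(decide({"size": "10240000", "starttls": ""}, require_tls=True))
    print(decide({"size": "10240000"}, require_tls=False))
```

With require_tls=True, a peer (or an on-path device) that omits the STARTTLS keyword produces a refusal before any message content is sent, rather than a silent downgrade.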