[secdir] Secdir last call review of draft-ietf-uta-smtp-require-tls-07

Yaron Sheffer <yaronf.ietf@gmail.com> Fri, 22 February 2019 18:43 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id E9DA11279E6; Fri, 22 Feb 2019 10:43:34 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: secdir@ietf.org
Cc: uta@ietf.org, ietf@ietf.org, draft-ietf-uta-smtp-require-tls.all@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.91.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <155086101448.5343.14630075460582755101@ietfa.amsl.com>
Date: Fri, 22 Feb 2019 10:43:34 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/uF8WhM96q9ukuLf1uhjO3kpclqg>
Subject: [secdir] Secdir last call review of draft-ietf-uta-smtp-require-tls-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Feb 2019 18:43:37 -0000

Reviewer: Yaron Sheffer
Review result: Has Nits

[Apologies for the late review.]

* Intro: To avoid confusion, please mention the header parameter "No" to
clarify why the header is named RequireTLS when its semantics is the exact
opposite, "prioritize delivery over ability to negotiate TLS"? The same
confusion already arises in the abstract. * Sec. 2: it seems to be implied that
when REQUIRETLS is used, STARTTLS MUST also be sent. Is this the case? If so,
please mention it (it's obvious to you but not to a first time reader). * I
would have expected a parameter to be associated with REQUIRETLS to indicate
whether DANE is required throughout the forwarding path, or MTA-STS, or either
one will do. Although RFC 8461 takes care to not use the "opportunistic" word,
it is in fact opportunistic to some degree (because an attacker can block the
initial policy lookup with DNS) and so has different security properties than
DANE. I am sure you've already beaten this horse to death, but if you have not,
I think this is a real issue. The thing is, if ever we have widespread
deployment of DANE (which I do NOT expect), this mechanism will not be as
secure as it could have been. * Sec. 2 security requirements: the session must
employ TLS: does this include pre-negotiation of TLS before starting SMTP, or
only session upgrade with STARTTLS? This is common in Submission, I'm not sure
about MTA-to-MTA use. * RequireTLS header field: I believe that the REQUIRETLS
parameter MUST NOT be used when the header field is there, why not mention it?
* If we define a case where MTA-STS policy is to be ignored (when using
RequireTLS: No), shouldn't this document be marked as Updates RFC 8461? * The
word "no" appears twice in Sec. 3, capitalized as "NO" or "No". Are parameters
case insensitive? * The case of REQUIRETLS+RequireTLS on receipt is
interesting, and the MAY requirement (Sec. 4.1) makes it non-deterministic. Why
don't we simply disallow it and reject the message? * The textual name is
mentioned twice, once with and once without a space. * 8.2 (active attacks):
this solution is still vulnerable to the DNS blocking attack associated with
MTA-STS (RFC 8461, Sec. 10.2), and this should be mentioned here.