Re: [Uta] I-D Action: draft-ietf-uta-rfc7525bis-07.txt

Peter Saint-Andre <stpeter@stpeter.im> Thu, 23 June 2022 17:03 UTC

To: John Levine <johnl@taugh.com>, uta@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/QBGZNgiPgiHdb_0HNYpoF5uukdA>
List-Id: UTA working group mailing list <uta.ietf.org>

On 6/23/22 10:44 AM, John Levine wrote:
> It appears that Peter Saint-Andre <stpeter@stpeter.im> said:
>> On 5/27/22 7:51 AM, Stephen Farrell wrote:
>>
>>> - section 3.2: I wondered why no mention of MTA-STS or
>>>     DANE? Could/should we say that MTA implementations
>>>     SHOULD include support for such strictness?
>>
>> Hi Stephen,
>>
>> Although these technologies (RFC 8461 and RFC 7672) seem sensible, I
>> don't think we authors have a good handle on whether they are widely
>> deployed enough to justify a SHOULD in a BCP. We will reach out to folks
>> in the email community for guidance.
> 
> MTA-STS is in wide use.  All of the large mail systems I know publish
> mta-sts records and a lot of the smaller ones.
> 
> DANE is less widely used but Viktor would have the numbers.  I know that
> Comcast both publishes DANE records and checks them on their outbound mail
> so they might be willing to share some observations.

Hi John, thanks for sharing these insights. I'll reach out to a few 
Comcast colleagues regarding DANE. We the authors of course want to 
recommend what's best current practice, thus the interest in how widely 
deployed these technologies are. Another wrinkle is that MTA-STS is 
specific to the email world, whereas DANE has at least been defined as a 
more generalized technology and deployment might vary across application 
protocols (e.g., I know there has been some adoption of DANE in the XMPP 
community but it is far from ubiquitous).

Peter