Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-uta-smtp-require-tls-07: (with DISCUSS and COMMENT)

Viktor Dukhovni <ietf-dane@dukhovni.org> Thu, 28 February 2019 22:57 UTC

Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
In-Reply-To: <f939d44f-1262-ca40-4501-755ed05e4674@bluepopcorn.net>
Date: Thu, 28 Feb 2019 17:57:21 -0500
Cc: uta-chairs@ietf.org, draft-ietf-uta-smtp-require-tls@ietf.org, The IESG <iesg@ietf.org>
Reply-To: uta@ietf.org, uta-chairs@ietf.org, draft-ietf-uta-smtp-require-tls@ietf.org, The IESG <iesg@ietf.org>
Content-Transfer-Encoding: 7bit
Message-Id: <B822D2C1-184B-4205-ABC4-750A9F140636@dukhovni.org>
References: <155072491254.20210.15187912705241578950.idtracker@ietfa.amsl.com> <7061cefb-0f2d-5257-e10c-95be14a7413f@bluepopcorn.net> <20190227201137.GS53396@kduck.mit.edu> <f939d44f-1262-ca40-4501-755ed05e4674@bluepopcorn.net>
To: uta@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/YtngH9r8OQ5Es_rSc8vb9ZLQotM>
Subject: Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-uta-smtp-require-tls-07: (with DISCUSS and COMMENT)
Precedence: list

> On Feb 28, 2019, at 5:49 PM, Jim Fenton <fenton@bluepopcorn.net> wrote:
> 
>> I'm complaining more about the transition from (3) to (4) than either one
>> per se.  If I open a connection and then establish a (new?) TLS-protected
>> session, that seems to mostly be STARTTLS.  But if I use implicit TLS, why
>> do I need to bother with (3) at all?
> 
> There's one circumstance where implicit TLS might happen, and that's
> message submission. It's probably step 4 that's the problem there, since
> the TLS session is negotiated earlier in that case.

Yes, thanks, indeed there's potential for implicit TLS during initial
submission (now that port 465 is back from the dead) and perhaps also
final delivery via LMTP.  So my note about STARTTLS being the only
relevant protocol may not cover the "edge" cases.

-- 
	Viktor.

[Uta] Benjamin Kaduk's Discuss on draft-ietf-uta-… Benjamin Kaduk
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Viktor Dukhovni
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Alexey Melnikov
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Alexey Melnikov
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Jim Fenton
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Viktor Dukhovni
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Jim Fenton
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Viktor Dukhovni
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Viktor Dukhovni
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Viktor Dukhovni
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Spencer Dawkins at IETF
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Viktor Dukhovni
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Viktor Dukhovni
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Jeremy Harris
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Jim Fenton
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Jim Fenton
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Viktor Dukhovni
Re: [Uta] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk