Re: [Uta] Eric Rescorla's Discuss on draft-ietf-uta-smtp-require-tls-07: (with DISCUSS and COMMENT)

Benjamin Kaduk <kaduk@mit.edu> Thu, 28 February 2019 02:07 UTC

Date: Wed, 27 Feb 2019 20:06:49 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: "Salz, Rich" <rsalz@akamai.com>
CC: Jim Fenton <fenton@bluepopcorn.net>, Eric Rescorla <ekr@rtfm.com>, The IESG <iesg@ietf.org>, "uta@ietf.org" <uta@ietf.org>, "uta-chairs@ietf.org" <uta-chairs@ietf.org>, "valery@smyslov.net" <valery@smyslov.net>, "draft-ietf-uta-smtp-require-tls@ietf.org" <draft-ietf-uta-smtp-require-tls@ietf.org>
Message-ID: <20190228020649.GW53396@kduck.mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/dUKFSpWcHOTw5JE4ZKbJwUJOSTw>
List-Id: UTA working group mailing list <uta.ietf.org>

On Wed, Feb 27, 2019 at 07:09:33PM +0000, Salz, Rich wrote:
> I think Jim's explanation makes sense -- even if it's not required, you can still do best-effort -- and captures the desired semantics exactly right.  I hope the SecADs will clear that discuss item.

To be clear: I don't have a particular problem with the specific mechanisms
and behavior that let a sender indicate an intent to knowingly send
messages that may not receive full TLS protection.  My objection is more on
the terminology used to describe the behavior, and the process by which the
change in behavior of existing protocols is specified.

-Benjamin