Re: [Uta] REQUIRETLS: another SMTP TLS mechanism

"Orit Levin (CELA)" <oritl@microsoft.com> Fri, 25 March 2016 16:30 UTC

From: "Orit Levin (CELA)" <oritl@microsoft.com>
To: Jim Fenton <fenton@bluepopcorn.net>, "uta@ietf.org" <uta@ietf.org>
Date: Fri, 25 Mar 2016 16:29:58 +0000
Message-ID: <BN3PR0301MB0867BFD6CB332E18F6AD2C83AD830@BN3PR0301MB0867.namprd03.prod.outlook.com>
References: <56F49E9B.2090403@bluepopcorn.net>
In-Reply-To: <56F49E9B.2090403@bluepopcorn.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/uta/h1pHAAdTGU83nHFHthRrOIzVnBI>
Subject: Re: [Uta] REQUIRETLS: another SMTP TLS mechanism
List-Id: UTA working group mailing list <uta.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>

Thank you, Jim. Definitely should be a part of the conversation.
You are on the Agenda!
Orit.

> -----Original Message-----
> From: Uta [mailto:uta-bounces@ietf.org] On Behalf Of Jim Fenton
> Sent: Thursday, March 24, 2016 7:13 PM
> To: uta@ietf.org
> Subject: [Uta] REQUIRETLS: another SMTP TLS mechanism
> 
> Not to distract from the STS discussion, but I thought I'd point out
> another approach to SMTP TLS 'encouragement' that I submitted a few
> weeks ago: draft-fenton-smtp-require-tls-01. There has been some
> discussion of this draft, primarily on the ietf-smtp mailing list and a
> little on the perpass list.
> 
> REQUIRETLS is an SMTP service extension that allows an SMTP client to
> specify (via a MAIL FROM option) that a given message must be sent over
> a TLS protected session with specified security characteristics. Options
> allow the specification of allowable methods of server certificate
> verification, including web-PKI and DANE. In advertising its support for
> REQUIRETLS, the SMTP server is promising to honor that requirement.
> 
> The idea here is that REQUIRETLS allows the SMTP client to override the
> default "deliver even if you can't do it securely" behavior of SMTP. The
> philosophy is that the sender of the message (SMTP client) is in the
> best position to know if a given message should only be sent via TLS,
> either based on some information it has about the sensitivity of the
> message or based on the client's local policy.
> 
> I plan on giving a short talk on REQUIRETLS (remotely) at the BA UTA
> meeting.  Questions or comments are of course welcome, either here or on
> ietf-smtp.
> 
> -Jim
> 
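The exchange Jim describes (server advertises REQUIRETLS in its EHLO response, client asks for it as a MAIL FROM option, and the client refuses to fall back to SMTP's deliver-anyway default when the requirement cannot be met) is modelled below as an added, self-contained example. It is not code from the post, from the draft, or from any MTA. The exact MAIL FROM parameter grammar of draft-fenton-smtp-require-tls-01 is not quoted on the page, so the `REQUIRETLS=<method>[,<method>]` form and the method names `CHAIN` (web PKI) and `DANE` are assumptions for illustration only; the hostnames and the scripted `Server` are constructed.

```python
from dataclasses import dataclass

# Constructed model of the REQUIRETLS negotiation described in the post. The
# exact MAIL FROM parameter grammar of draft-fenton-smtp-require-tls-01 is not
# on the page, so "REQUIRETLS=<method>[,<method>]" with CHAIN (web PKI) and
# DANE as method names is an assumption made for this illustration only.
KNOWN_METHODS = frozenset({"CHAIN", "DANE"})


@dataclass(frozen=True)
class TlsSession:
    """What the client learned from the STARTTLS handshake."""
    established: bool
    verified_by: frozenset  # methods that verified the server cert; empty = opportunistic


@dataclass
class Server:
    """Scripted SMTP server answering only EHLO, STARTTLS and MAIL FROM."""
    hostname: str
    tls: TlsSession               # handshake outcome the client will observe
    advertises_requiretls: bool   # promise to honour REQUIRETLS on onward delivery

    def ehlo(self, after_tls):
        keywords = ["PIPELINING", "8BITMIME"]
        if not after_tls:
            keywords.append("STARTTLS")
        elif self.advertises_requiretls:
            keywords.append("REQUIRETLS")   # only offered inside the TLS session
        lines = [f"250-{self.hostname}"]
        lines += [f"250-{k}" for k in keywords[:-1]]
        lines.append(f"250 {keywords[-1]}")
        return lines

    def starttls(self):
        return self.tls

    def mail_from(self, command):
        for param in command.split()[2:]:          # parameters after MAIL FROM:<...>
            key, _, value = param.partition("=")
            if key.upper() != "REQUIRETLS":
                continue
            if not self.advertises_requiretls:
                return "555 5.5.4 REQUIRETLS parameter not supported"
            if not set(value.split(",")) & KNOWN_METHODS:
                return "501 5.5.4 Unknown REQUIRETLS verification method"
        return "250 2.1.0 Sender OK"


def ehlo_offers(lines, keyword):
    """True if an EHLO response lists `keyword` (as "250-KEY" or "250 KEY")."""
    return any(line[4:].split()[:1] == [keyword] for line in lines[1:])


def submit_requiring_tls(server, sender, allowed_methods, transcript=None):
    """Client side. Returns True only if the message can be handed over under
    the sender's TLS policy; every other path refuses instead of falling back
    to cleartext or unverified TLS, which is what plain SMTP would do."""
    log = transcript if transcript is not None else []
    log.append("C: EHLO client.example")
    first = server.ehlo(after_tls=False)
    log += [f"S: {l}" for l in first]
    if not ehlo_offers(first, "STARTTLS"):
        log.append("C: QUIT  (no STARTTLS offered)")
        return False
    log.append("C: STARTTLS")
    tls = server.starttls()
    if not tls.established or not (tls.verified_by & allowed_methods):
        log.append("C: QUIT  (no TLS, or certificate not verified by an allowed method)")
        return False
    log.append("C: EHLO client.example  (again, inside TLS)")
    second = server.ehlo(after_tls=True)
    log += [f"S: {l}" for l in second]
    if not ehlo_offers(second, "REQUIRETLS"):
        log.append("C: QUIT  (server makes no REQUIRETLS promise)")
        return False
    command = f"MAIL FROM:<{sender}> REQUIRETLS={','.join(sorted(allowed_methods))}"
    log.append(f"C: {command}")
    reply = server.mail_from(command)
    log.append(f"S: {reply}")
    return reply.startswith("250")


# Constructed servers for the situations a sender meets in practice.
VERIFIED_WEBPKI = TlsSession(True, frozenset({"CHAIN"}))
VERIFIED_DANE = TlsSession(True, frozenset({"DANE"}))
OPPORTUNISTIC = TlsSession(True, frozenset())

GOOD = Server("mx.example.net", VERIFIED_WEBPKI, advertises_requiretls=True)
NO_PROMISE = Server("mx.legacy.example", VERIFIED_WEBPKI, advertises_requiretls=False)
UNVERIFIED = Server("mx.selfsigned.example", OPPORTUNISTIC, advertises_requiretls=True)
DANE_ONLY = Server("mx.dane.example", VERIFIED_DANE, advertises_requiretls=True)

if __name__ == "__main__":
    log = []
    ok = submit_requiring_tls(GOOD, "alice@example.org", {"CHAIN", "DANE"}, log)
    print("\n".join(log))
    print("delivered:", ok)
```

The point the model makes concrete is the one in the post: the client, not the receiving server, decides that a message must not leave the TLS-verified path, and the server's EHLO advertisement is the promise it relies on. A server that verifies fine but does not advertise REQUIRETLS (`NO_PROMISE`) is refused, as is one that advertises it over an unverified opportunistic session (`UNVERIFIED`); a DANE-verified server is accepted only when the sender's policy lists DANE as an allowed method.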