Re: [Uta] Eric Rescorla's Discuss on draft-ietf-uta-smtp-require-tls-07: (with DISCUSS and COMMENT)

Benjamin Kaduk <kaduk@mit.edu> Fri, 01 March 2019 02:11 UTC

Date: Thu, 28 Feb 2019 20:11:20 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: uta@ietf.org, uta-chairs@ietf.org, draft-ietf-uta-smtp-require-tls@ietf.org, The IESG <iesg@ietf.org>
Message-ID: <20190301021119.GM53396@kduck.mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/kRaV1m0BfT81thKGn_xxABx5J0g>

On Thu, Feb 28, 2019 at 11:42:08AM -0500, Viktor Dukhovni wrote:
> 
> 
> > On Feb 28, 2019, at 11:01 AM, Barry Leiba <barryleiba@computer.org> wrote:
> > 
> > I have to agree with EKR about it not completely being the sender's
> > decision, though for a rather different reason.  I really doubt that
> > in the vast majority of cases any human user will actively choose or
> > not choose this option on a message-by-message basis.
> 
> The primary motivation for "Require TLS = no" is to allow the user
> to *resend* a message that is not getting through, or to reach the
> destination domain's postmaster because of downstream (receiving
> system misconfiguration), to send a message that requires no meaningful
> confidentiality.  Individual users are very well positioned to make

If those are the *primary motivation*s, then why does neither "resend" nor
"postmaster" appear in the -07?

-Benjamin