Re: [Uta] [saag] UTA WG report

Orit Levin <oritl@microsoft.com> Thu, 30 March 2017 20:50 UTC

From: Orit Levin <oritl@microsoft.com>
To: Keith Moore <moore@network-heretics.com>, saag@ietf.org
CC: uta@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/zHZzZFvcjjaq-atCbDmkiufPLVo>

Keith,
Great intro to gathering the very much needed feedback.
Adding UTA so we can continue the discussion there.
Thanks,
Orit.

From: saag [mailto:saag-bounces@ietf.org] On Behalf Of Keith Moore
Sent: Thursday, March 30, 2017 12:42 PM
To: saag@ietf.org
Subject: Re: [saag] UTA WG report

As co-author of this document, I frankly don't understand what the "BCP part" of draft-ietf-email-deep-06 is. BCP is appropriate for process documents, or for specifications that don't lend themselves to interoperability testing and thus cannot progress to full standard. Neither of those is the case for deep.

The assertion was made by one of the meeting attendees that the goals of this specification can be met by mail service providers (MSPs) incrementally blocking access to customers whose mail user agents (MUAs) don't negotiate TLS. While I acknowledge that one MSP has successfully employed this strategy, I personally wonder how well this works for very large MSPs. To me it seems like the customer support burden would be substantial. But I'm working on getting feedback on the draft - both from implementors of widely-used MUAs, and from other MSPs - to see what they say about the draft.

Regardless of whether this protocol gets support from implementors, I would not consider this work finished until we have consensus on how to upgrade all MUA-server traffic to use TLS 1.1 or better, and have confidence that this will enable us to deprecate cleartext and TLS <= 1.0 access to these services within a year or two.

Of course, if there's general agreement among MSPs that they can do this without changes to MUAs and servers, so much the better. But the work isn't done until we have consensus on a way forward (whether it happens in UTA or not).

Keith

On 03/30/2017 03:13 PM, Orit Levin wrote:

UTA WG met on Tue. All agenda topics relate to using TLS with e-mail protocols.

MTA-MTA interface: The drafts are very close to WG LC. The only real open issue remains the choice between JSON and tag-value format. Implementers' choice is split 50/50. The vast majority (if not all) are OK with implementing either. The AD (Alexei) will suggest specific syntax for the tag-value format. All interested parties (i.e., potential implementers) are encouraged to chime in on the UTA list because we will be resolving this last issue in the upcoming weeks and moving the draft to LC.

MUA-MTA interface: the draft has been further updated. The relevance (and the complexity) of the proposed protocol was questioned during the meeting. Even if the answer is "irrelevant", the BCP part of the draft is still very useful. The authors will investigate and proceed according to the results. (Potentially, the draft could be shortened or split and the status changed to BCP, Experimental, or both.)

REQUIRE-TLS draft: the draft has been discussed and found valuable for specific critical cases. It was suggested to continue working on the draft with the intent that it be adopted by UTA or another (new) WG going forward.

Orit.
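The end state Keith argues for in the quoted message (no cleartext and no TLS <= 1.0 on the MUA-facing IMAP, POP and submission ports) can be stated directly in server configuration. The following is an added example for this page, not configuration from the thread, from the UTA drafts or from any MSP; it assumes Dovecot 2.3 setting names (in particular `ssl_min_protocol`) and a Postfix submission service defined in master.cf, and the certificate paths and host name are placeholders. The weak settings are kept as commented-out lines beside the hardened ones so the two can be compared. One deliberate deviation from Keith's 2017 text: the floor is TLS 1.2 rather than 1.1, because TLS 1.0 and 1.1 have since been deprecated (RFC 8996).

```conf
# ---- Dovecot (IMAP/POP3): conf.d/10-ssl.conf and conf.d/10-auth.conf ----
#
# Weak settings, i.e. the state the thread wants to move away from:
# TLS offered but optional, cleartext password auth accepted, TLS 1.0 allowed.
#ssl = yes
#disable_plaintext_auth = no
#ssl_min_protocol = TLSv1

# Hardened: a session that does not negotiate TLS is refused outright,
# no password is accepted over cleartext, and TLS 1.0/1.1 handshakes fail.
ssl = required
disable_plaintext_auth = yes
ssl_min_protocol = TLSv1.2
# Placeholder paths (assumption for this example).
ssl_cert = </etc/dovecot/certs/imap.example.com.pem
ssl_key = </etc/dovecot/private/imap.example.com.key

# ---- Postfix submission (port 587): master.cf ----
#
# Weak: "-o smtpd_tls_security_level=may" leaves STARTTLS optional, so an
# MUA can still authenticate in the clear. "encrypt" makes STARTTLS
# mandatory, and smtpd_tls_auth_only refuses AUTH until the session is
# encrypted.
submission inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_tls_auth_only=yes
  -o smtpd_sasl_auth_enable=yes

# ---- Postfix: main.cf ----
# Protocol floor for the mandatory TLS used by the submission service.
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
```

Two practical notes. Before flipping `ssl = yes` to `ssl = required`, Dovecot's `imap-login: Login:` lines carry a `TLS` token for encrypted sessions, so grepping for login lines without it gives the list of customers who would be cut off; that measurement is what the incremental-blocking strategy Keith mentions depends on. After the change, `openssl s_client -connect imap.example.com:143 -starttls imap -tls1` should fail to complete a handshake while the same command with `-tls1_2` succeeds.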




