Re: [yam] [Imap-protocol] Re: draft-daboo-srv-email: POP3S/IMAPS?

Arnt Gulbrandsen <arnt@gulbrandsen.priv.no> Mon, 18 January 2010 14:11 UTC

From: Arnt Gulbrandsen <arnt@gulbrandsen.priv.no>
To: imap-protocol@u.washington.edu, yam@ietf.org

Tony Finch writes:
> On Mon, 18 Jan 2010, Arnt Gulbrandsen wrote:
>> Yeah. But I can't remember talking to anyone who really cared about 
>> allowing cleartext imap inside the firewall.
>
> I'm not sure exactly what you mean here, but I have counter examples 
> for two possible interpretations.

I meant that I can't remember speaking to anyone who REALLY WANTED to 
allow unencrypted IMAP inside the firewall. Sorry about the lack of 
clarity.

> If you mean that no one in your experience is worried by unencrypted 
> access from local IP addresses, then we certainly are especially for 
> wireless users.

Yes. I have also heard mutterings about ethernet jacks and ARP attacks, 
although that may be more paranoia than realism.

> If you mean that no one in your experience enables unencrypted access 
> from local IP addresses,

(On the contrary, people do, and I think it makes sense. A low-value 
feature is worth using if it's also low-cost, right?)

> then I believe it's fairly common for universities to do so to avoid 
> having to reconfigure thousands of desktop clients. It took us about 
> a year to completely disable unencrypted access - we wanted to avoid 
> huge spikes in support load.

Yes.

> With the right software it's fairly easy to restrict unencrypted 
> logins to local wired networks.

Timo's mail made me think of a different approach: Immediately expire a 
password if a server receives that password in clear text. Bang bang. 
(Let me guess: The words "support spike" entered your mind now.)

Arnt
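The two policies discussed in this thread, restricting cleartext logins to local wired networks and expiring any password the server receives in clear text, sketched as server-side login logic. This is an added illustration, not code from any mail server or from the thread's participants; the user, password, network range and the choice to refuse the cleartext login that triggers expiry are all assumptions.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed sample data (assumption, not from the thread): the one local
# wired network from which a cleartext LOGIN is tolerated under policy 1.
WIRED_NETWORKS = [ipaddress.ip_network("10.10.0.0/16")]


@dataclass
class CredentialStore:
    """Toy credential store; `expired` holds users whose password must be reset."""
    passwords: dict
    expired: set = field(default_factory=set)

    def valid(self, user, password):
        return self.passwords.get(user) == password


def login_decision(store, user, password, client_ip, tls_active,
                   expire_on_cleartext=False):
    """Decide an IMAP LOGIN: 'ok', 'bad-credentials', 'no-plaintext' or 'expired'.

    Policy 1 (default): a LOGIN over a non-TLS session is refused, without
    looking at the password, unless the client sits on a wired network.
    Policy 2 (expire_on_cleartext=True): a non-TLS LOGIN carrying the correct
    password is refused AND that password is expired, because it has now
    travelled unprotected. Only a correct password is expired, so junk
    cleartext attempts by a third party cannot lock users out.
    """
    if user in store.expired:
        return "expired"          # reset required before any further login
    if not tls_active:
        if expire_on_cleartext:
            if store.valid(user, password):
                store.expired.add(user)
                return "expired"  # assumption: the triggering login is refused too
            return "bad-credentials"
        ip = ipaddress.ip_address(client_ip)
        if not any(ip in net for net in WIRED_NETWORKS):
            return "no-plaintext"
    return "ok" if store.valid(user, password) else "bad-credentials"
```

The `expired` set stands in for whatever the real password backend does to force a reset; in a deployment, each expiry is also the support ticket the thread anticipates.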