ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: RFC 2487 [5]: Suggest dropping of "TLS Required"- forbid and extensions of current standards

2005-08-21 12:27:06
from [Harald Tveit Alvestrand] [Permanent Link] 


--On 21. august 2005 01:34 +0200 thomas schorpp 
<t(_dot_)schorpp(_at_)gmx(_dot_)de> wrote:


but AICPA or CICA are no "can of worms" ;)

what hassle with tls?

install postfix, etc, get certificate signed and enable - ready.


if you're a private mailserver, and know your technology by heart, easy.
If your domain is "aol.com", or anything where 1 hour of downtime generates more than 1000 angry calls from customers? 
If your mailserver is a Sendmail with a heavily customized sendmail.cf?
If your mailserver is interfaced to CC:Mail?
If you require your legal department to sign off on any contracts, including the one you have to enter into with CACert? 

Don't underestimate the work required to upgrade a million mailservers.
(nevertheless, when I get a free 4 hours, I intend to do just what you suggest for my own Postfix installation, and offer OPTIONAL TLS-protected SMTP... it will be interesting to see if anyone takes advantage of it...) 

                        Harald






_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: BCPs and STDs, Yaakov Stein
Next by Date:  Re: Why have we gotten away from running code?, JFC (Jefsey) Morfin
Previous by Thread:  Re: RFC 2487 [5]: Suggest dropping of "TLS Required"- forbid and extensions of current standards, Harald Tveit Alvestrand
Next by Thread:  RE: RFC 2487 [5]: Suggest dropping of "TLS Required"- forbid and extensions of current standards, Hallam-Baker, Phillip
Indexes:  [Date] [Thread] [Top] [All Lists]