On Thu, 13 Nov 2008, Mark Andrews wrote:
In message <491B7C7E(_dot_)70900(_at_)dcrocker(_dot_)net>, Dave CROCKER writes:
Mark Andrews wrote:
Tony Finch writes:
SMTP over TLS to an MX does NOT protect against man in the middle attacks.
It does when you turn on DNSSEC
Perhaps I'm not understanding, but I think you just confirmed that Tony's
statement was correct.
No. To protect against man-in-the middle you need to know with whom you
are supposed to be talking. SMTP over TLS will do that provided you have
that knowledge. One way to aquire that knowledge is to use DNSSEC to
prevent spoofed MX records.
You also need the server to provide a verifiable TLS certificate. The vast
majority of them are not. This problem is perhaps even harder to fix than
the lack of DNSSEC.
Another way is to use configuration information.
Which is useful for a few select senders and recipients, but doesn't
scale to all the external destinations a site might use.
You also need to configure you MTA to not use plain SMTP if STARTTLS is
not offered by MTA. This can be done globally or on a MTA by MTA basis.
Which would mean you can only send email to a vanishingly small number of
Having the ability to signal if the MTA is supposed to offer STARTTLS in
the DNS would remove the downgrade attack path, in the general case.
Right, there are several improvements of this kind that need to be made to
the protocol before it can provide widespread security without explicit
per-recipient configuration at every sending site.
ESMTP STARTTLS has its place - it works OK for message submission - but I
think we need something different for TLS to MXs.
f.anthony.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
SOUTHEAST ICELAND: SOUTHWESTERLY VEERING NORTHEASTERLY, 5 TO 7, VEERING
SOUTHWESTERLY IN FAR SOUTH LATER. ROUGH OR VERY ROUGH. RAIN OR SQUALLY
SHOWERS. MODERATE OR GOOD, OCCASIONALLY POOR.
Ietf mailing list