[Top] [All Lists]

Re: [Asrg] 6. Proposals - AMTP (rev 01) - MPC

2003-10-02 13:47:28
On Thu, Oct 02, 2003 at 02:12:42PM -0500, Bill Weinman wrote:
In my vision, *most* systems will follow the rules. Those that don't will 
try to obfuscate and hide and lie. With authenticated connections they will 
be easier to find and isolate. That sounds to me more manageable than what 
we have today.

RFC 3207 - SMTP Service Extension for Secure SMTP over Transport Layer
Security - describes STARTTLS that can be used for TLS connections.
Clients can e.g. make a normal SMTP connection and switch to TLS
immediately. This (though patches) is available for nearly all MTAs I
know of. I have never seen it used, however. A friend of mine told me 3
or 4 months ago that he has about 10 TLS connections a week (out of some
10000 a day) and it is always the same server.
RFC 3207 provides already the TLS/X.509 part on AMTP.

That's done in the RCPT response. You seem to be suggesting a per-recipient 
advertisement of MPC values. I decided against that to keep down the number 
of round-trips. As the spec currently stands, a client doesn't get per-user 
MPC values, it just gets 250 or 550 (or occasionally 451) reply codes for 
each RCPT.

Hmmm ... you can save the round trip making ESMTP PIPELINING mandatory.

Do you mean "senders that ignore the MPC values in the EHLO response"? They 
will get a 550 later in the conversation. And they risk getting added to a 

You surely mean "block list" and not CRL.
CAs certify identity and if I'd buy a cert that correctly says "you are" and they'd revoke it because I don't stick to MPC
I'd sue them to Pluto and back.
And exactly this is the reason why I don't "trust":
1) I don't trust CAs in general, because they have done (Verisign/Microsoft)
   and probably do enough bullshit with certs. (If I look at what happens
   when customers buy certs ... oh my god).
2) Certs do say nothing about "good" or "bad". They *try* to help with
   identification. A CA certifies: "this domain/address belongs to company X
   or person Y". That's all. And just like I don't trust everyone on the
   street and give him my house key only because he can show me a valid
   (governmental) identity card, I don't trust any connecting host more than
   I would do without a cert.
With all the webservers and https the real meaning of a cert has been
perverted by Joe Loser and Jane Journalist.

And no, I don't want a centralised CA for mailservers.
Look at the DNS wildcard issue and you can see what happens if you give
one company too much power. And coincidentially this company is also a CA.
Holy bullshit.


SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"

Asrg mailing list