6. Security Considerations
[...]
The information passed using either the UDP packet queries or HTTP
queries, such as the combination of sender's IP, MAIL FROM, and the
RCPT TO domain may pose some privacy issues. Similar information
already appears in message trace headers and those headers may have
already been viewed and logged by intermediate MX servers during
transit. Taking this perspective, the queries make use of
information that may have already been revealed else where.
However, with today's Internet privacy paranoia, a SIQ client MAY
choose to make HTTP queries over a TLS/SSL connection at the sake
of the speed and convenience offered by UDP queries or unencrypted
HTTP queries.
********************
These two paragraphs should be deleted, not only because they
disregard privacy concerns as "paranoia" but also because they miss
the point: the problem is not with a sniffer between the SIQ client
and the SIQ server but with the SIQ server itself.
The SIQ server will learn a lot about the mail use of its
clients. The information you leak to a SIQ server is quite sensitive
and this is what should be mentioned in "Security Considerations".
For instance, one of the reasons many people copy locally DNS RBLs
(with AXFR or rsync or else) is to avoid this problem. (The SIQ
protocol does not seem to provide bulk transfer.)
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg