[Top] [All Lists]

Re: Last Call: SMTP Service Extension for Secure SMTP over TLS to Proposed Standard

2001-07-09 07:51:57

Idle speculation: Perhaps a compromise position would be to allow this
sort of caching but to limit the period for which it may be
used. E.g. the cache must expire in no more than 1 day. This would
produce some bouncing but limit the scope of that bouncing. The
advantage would be that the attacker would have to mount a concerted
active attack over a period of a day.

I don't think this will fly.  Any period of time during which valid mail will 
be bounced is too long.  Brief periods of time during which temporary failures 
would result from a mismatch might be tolerable, but a day is too long.

I guess I'm of the opinion that such knowledge must be explicitly configured 
if MTAs are going to fail if it is not accurate - MTAs should not be making