Re: Last Call: 'ESMTP and LMTP Transmission Types Registration' to Proposed Standard (fwd)

2003-11-10 10:00:18
On Mon, 10 Nov 2003 10:08:15 CST, Chris Newman 
<Chris(_dot_)Newman(_at_)Sun(_dot_)COM>  said:

I wanted to bring this last call to the attention of this list to make sure we
have rough consensus.

The draft as it stands looks OK to me, as it only adds registry values
to document existing practice.
One suggestion I've had through private mail is to add explicit text
recommending the use of these transmission types in new email software.

Now *this* is a can of worms. ;)

Yes, I think the world would be a better place if we all did this, but
there are operational concerns.  The biggest that I'm familiar with (since
I've been bit by it several times) is that STARTTLS usually requires
a certificate in order to get itself launched (yes, I know there are
a few modes like Diffie-Hellman that don't require a cert, but they have
problematic support out in the real world).  The quick and easy solution
is to simply crank out a self-signed cert.  The problem is that at least
one widely used MUA chokes and throws up a confusing "unknown cert" box
to the user if they try to post to a mail server that's doing that.

Now mind you, I think in most cases the added security benefit of an
actual CA-signed cert is minimal (Hint - when was the last time you
went and clicked on the little padlock icon in your browser and verified
the site you were talking to really was the right site?), so I'm more
interested in the effects widespread crypto has on traffic analysis
(it's no secret that I trust my current government less than I trust
the terrorists out there).  On the other hand, we *do* need to be aware
of the operational implications - the effect on already-distributed broken
MUAs was one of the primary reasons why Sendmail 8.12 didn't include this
as a default.
