On Thu, 23 Oct 2008, John C Klensin wrote:
Any chance that someone could get motivated to generate an I-D, with
these documentation weaknesses fixed, and move it toward Draft Standard?
Certainly there are a sufficient number of interoperable implementations
to meet that particular requirement.
RFC 3207 is extremely weak from the security point of view.
For example, it says "The additional option of using TLS when possible
SHOULD also be provided." This option makes most MUAs vulnerable to
man-in-the-middle attacks in common configurations. The RFC suggests a
mechanism to mitigate this weakness - "An implementation MAY provide the
ability to record that TLS was used in communicating with a given peer and
generating a warning if it is not used in a later session" - but it's only
a MAY and no-one actually implements it.
There is no firm specification of how an SMTP implementation should use
the results of TLS authentication, so in practice MTAs just ignore the
results. (MUAs are better.) As a consequence many TLS certificates offered
by MX hosts match neither the MX's mail domain nor its host name. A
postmaster can only avoid this vulnerability by setting up a special
bilateral agreement to require TLS certificate authentication between two
MTAs, but this is impossible for general inter-domain email so TLS as
deployed provides no protection against active atacks.
There is no discussion of the mismatch between MX records and TLS
certificate authentication. Even if the problems in the previous paragraph
are fixed, an attacker can still eliminate any benefit of authentication
by attacking the DNS. Since TLS authenticates the host name not the mail
domain, it cannot detect that an MX has been redirected.
There are other problems with the specification but I think those are the
worst.
Tony.
--
f.anthony.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
NORTH UTSIRE SOUTH UTSIRE FORTIES CROMARTY FORTH: SOUTHWESTERLY 7 TO SEVERE
GALE 9, PERHAPS STORM 10 LATER. VERY ROUGH OR HIGH, OCCASIONALLY ROUGH IN
FORTH. RAIN OR SQUALLY SHOWERS. MODERATE OR POOR, OCCASIONALLY GOOD IN
CROMARTY AND FORTH.