
Re: [ietf-smtp] When using TLS, would randomizing the order of the EHLO response be helpful?

2013-03-21 11:07:49

--On Thursday, March 21, 2013 08:25 -0700 Ned Freed
<ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:

> Oh, one more thing. If clients did start sending NOOP as the first command
> after STARTTLS that would actually defeat the randomizing in EHLO. That can be
> addressed by sending something random in the response to NOOP, or for that
> matter just echoing what the client said.

Yes.  Steve also suggested the liberal use of NOOP or spurious
extension announcements with random parameter strings in a
follow-up note.

But, especially given the relative importance of envelope
information relative to content and given that we know other
ways to really harden content that works end to end, I wonder
whether this is a discussion of the wrong problem.  Specifically
I wonder whether it is analogous to worrying how to get the
windows locked down and barred really securely while leaving the
virtual door wide open.  What is the threat model for which more
than nuisance-level encryption of the envelope is really
necessary and for which a marginal improvement in security with
a relatively weak algorithm is worth the trouble?
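As an added example (not from this thread and not any real server's code), a toy Python model of the mechanism under discussion: a fixed NOOP reply right after STARTTLS is known plaintext, while a shuffled EHLO reply, a spurious extension with a random parameter, or an echoed NOOP reply varies from session to session. The extension list, the hostname and the keyword X-RANDOM-PAD are constructed placeholders chosen here, not registered SMTP extensions.

```python
import random
import string

# Constructed sample extension list; a real server announces what it supports.
EXTENSIONS = ["8BITMIME", "SIZE 35882577", "PIPELINING", "DSN", "ENHANCEDSTATUSCODES"]


def seeded_rng(seed):
    """Deterministic generator for tests; production code would use SystemRandom."""
    return random.Random(seed)


def ehlo_response(hostname, extensions=EXTENSIONS, rng=None):
    """Build a multi-line 250 EHLO reply whose extension order is shuffled per
    session.  A spurious extension with a random parameter (the hypothetical
    keyword X-RANDOM-PAD) is inserted at a random position so that the reply's
    byte length varies as well as its order."""
    rng = rng or random.SystemRandom()
    lines = list(extensions)
    rng.shuffle(lines)
    pad = "".join(rng.choice(string.ascii_uppercase) for _ in range(rng.randint(1, 16)))
    lines.insert(rng.randint(0, len(lines)), "X-RANDOM-PAD " + pad)
    reply = [f"250-{hostname}"] + [f"250-{l}" for l in lines[:-1]] + [f"250 {lines[-1]}"]
    return "\r\n".join(reply) + "\r\n"


def fixed_noop_response(command):
    """The conventional reply: identical every time, hence known plaintext
    of known length for whoever observes the TLS record sizes."""
    return "250 2.0.0 OK\r\n"


def echo_noop_response(command):
    """The echo variant from the quoted note: the reply's length and content
    follow whatever text the client put after NOOP."""
    return f"250 2.0.0 {command.strip()}\r\n"


def parse_ehlo_reply(reply):
    """Return (hostname, [extension lines]) from a 250 multi-line reply, checking
    that every line but the last uses '250-' and only the last uses '250 '."""
    lines = reply.rstrip("\r\n").split("\r\n")
    if not all(l.startswith("250-") for l in lines[:-1]) or not lines[-1].startswith("250 "):
        raise ValueError("malformed multi-line 250 reply")
    return lines[0][4:], [l[4:] for l in lines[1:]]
```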


ietf-smtp mailing list