On Thu, Sep 19, 2013 at 11:32:41AM +1000, Mark Andrews wrote:
In message <20130919010115(_dot_)GB20999(_at_)www5(_dot_)open-std(_dot_)org>,
keld(_at_)keldix(_dot_)com writes:
On Wed, Sep 18, 2013 at 03:32:17PM +0100, Paul Smith wrote:
On 18/09/2013 15:11, keld(_at_)keldix(_dot_)com wrote:
The problems to solve are known for a long time, snooping on lines.
We can rebuild a part of the internet in a safer version. To have a
chance to make some impact, I believe it is necesary to build safer
defaults into major MTAs like postfix and sendmail.
My concern is that while something like TLS will have an effect on
criminals snooping on wireless networks etc, I can't see how it would
definitely help against governments.
The issue is - how do I know that the mail server I am sending the
message to is the one I should be sending the message to? If I don't
know that with a good degree of certainty, then using TLS won't achieve
security, because I could simply be dumping my messages on a compromised
server.
Yes, and that could even be done with plain SMTP.
Come on, TLS would be safer than plain unencrypted SMTP.
But you are right, we cannot be sure we are talking to the right server.
Governments have lots of ressources, and even for big countries it is
feasible to set up fake servers for every SMTP server in the country.
Well one could start by looking at the reponse to the HELO/EHLO and
comparing the offered server name to the expected server name. That
doesn't ever require TLS and is something that you need to fix when
deploying TLS.
Even RFC 821 suggested that one should be checking to ensure that
you are talking to whom you think you should be talking to.
3.5. OPENING AND CLOSING
At the time the transmission channel is opened there is an
exchange to ensure that the hosts are communicating with the hosts
they think they are.
Lots of MITM attacks would be prevented by doing just such a check.
DANE can also be used secure TLS against fake CERTs. Even governments
don't have the ability to fake the entire DNS. They may be able
to inject false data for the CC they control by getting access to
the private keys for the CC but they don't have the ability for
other CCs.
I think further checking of the MTA would be counterproductive.
I run a number of postfix servers, and one way or another
doing checks on them would invalidate them.
And they do run quite esteemed services.
Fortunately there is very seldomly any problems with them.
One runs on an IP-number where I do not control the reverse lookup name.
Several run services for a number of domains.
I believe there are already hooks in some MTAs to do further checking,
so people can already do it, if they want (and very few
do that because it will hurt legit email.)
best regards
keld.
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp