[Top] [All Lists]

[ietf-smtp] Request for discussion of Mandatory Secure Mail Delivery proposal (draft-wchuang-msmd)

2013-10-15 14:37:05
Hi ietf-smtp,

Request for discussion (draft-wchuang-msmd) of a proposal to secure mail from
eavesdropping and MitM attacks.  All comments welcome on this thread.  I'm
mentioning the proposal also to apps-discuss@ and saag@ lists as this may
be of interest to them too, but redirecting discussion to this list so its
all happening in one place.

Here's the abstract:

   Opportunistic SMTP TLS does not enforce electronic mail delivery
   using TLS leading to potential loss of privacy and security.  We
   propose an optional mail header extension "mandatory-secure-mail-
   delivery:" and SMTP EHLO response extension "MSMD" that indicates
   mail must be delivered privately using TLS and with integrity using
   DKIM, and thereby provide a security guarantee to the user.  When
   mail is sent with the header indicating privacy and integrity and if
   the receiving party does not support this, the mail is instead
   bounced.  To protect the mail after delivery, the destination SMTP
   server must advertise its capabilities as part of the EHLO response,
   and the sender can choose whether the destination is able to honor
   the privacy requirements specified on the mail header.

Link to the proposal here:


PS Pardon for any IETF formatting or etiquette errors as I'm very new to
the IETF process.
ietf-smtp mailing list