Hi Wei,
At 12:31 15-10-2013, Wei Chuang wrote:
Request for discussion (draft-wchuang-msmd) of a proposal to secure
mail from eavesdropping and MitM attacks. All comments welcome on
this thread. I'm mentioning the proposal also to apps-discuss@ and
saag@ lists as this may be of interest to them too, but redirecting
discussion to this list so its all happening in one place.
There has been some discussion about opportunistic on the (IETF)
perpass mailing list. The problem, if I can call it that, is the
assumption that "the destination will honor maintaining the MSMD
protocol". There have been several proposals previously which have
tried to maintain that in various ways.
I suggest taking a look at RFC 6710. If I recall correctly there was
some discussion about why the assumptions being made might not work
out well in general. It may be possible to find out whether the
"might not work out well" is incorrect as there are implementations
of the specification.
I hope that my comments are not discouraging. It is good to have a
proposal such as draft-wchuang-msmd-00 as it provides a starting
point to identify what could be done to get secure mail delivery.
I'll ask an unfair question. Would you provide me with the assurance
that I will be safe if I use a mail provider which supported the
proposal? I am aware that it is a high bar. That's one of the
drawbacks of using the word "secure".
Regards,
-sm
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp