[Top] [All Lists]

Re: [ietf-smtp] Request for discussion of Mandatory Secure Mail Delivery proposal (draft-wchuang-msmd)

2013-10-16 10:10:35
Hi Wei,
At 12:31 15-10-2013, Wei Chuang wrote:
Request for discussion (draft-wchuang-msmd) of a proposal to secure mail from eavesdropping and MitM attacks. All comments welcome on this thread. I'm mentioning the proposal also to apps-discuss@ and saag@ lists as this may be of interest to them too, but redirecting discussion to this list so its all happening in one place.

There has been some discussion about opportunistic on the (IETF) perpass mailing list. The problem, if I can call it that, is the assumption that "the destination will honor maintaining the MSMD protocol". There have been several proposals previously which have tried to maintain that in various ways.

I suggest taking a look at RFC 6710. If I recall correctly there was some discussion about why the assumptions being made might not work out well in general. It may be possible to find out whether the "might not work out well" is incorrect as there are implementations of the specification.

I hope that my comments are not discouraging. It is good to have a proposal such as draft-wchuang-msmd-00 as it provides a starting point to identify what could be done to get secure mail delivery.

I'll ask an unfair question. Would you provide me with the assurance that I will be safe if I use a mail provider which supported the proposal? I am aware that it is a high bar. That's one of the drawbacks of using the word "secure".

ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>