On Tue 15/Oct/2013 21:31:17 +0200 Wei Chuang wrote:
Request for discussion (draft-wchuang-msmd) of a proposal to secure mail from
eavesdropping and MitM attacks. All comments welcome on this thread.
Something similar to that is implemented in Courier-MTA, since a
couple of years ago IIRC. It is shortly described here:
http://www.courier-mta.org/draft-varshavchik-security-smtpext.txt
(There are specific instruction for setting it up here:
http://www.courier-mta.org/install.html#esmtpsecurity )
I cannot tell much more, because, although that's my favorite SMTP
package, I never enabled that extension.
On Wed 16/Oct/2013 12:04:28 +0200 Martijn Grooten wrote:
I do like the idea of using several tiers - but also wonder what
the implications will be when you demand tier 2 or higher and I can
only provide tier 1 security. Won't this just mean emails get
bounced all over the Internet?
+1, I'd suggest to describe the SMTP feature separately. A further
RFC can then take care of putting together all security related facets
of email in order to build a secure framework. The latter
specification would be similar in spirit to a prior attempt at
standardizing Certified Electronic Mail:
http://tools.ietf.org/html/draft-gennai-appsawg-cem
Ale
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp