ietf-smtp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-smtp] Request for discussion of Mandatory Secure Mail Delivery proposal (draft-wchuang-msmd)

2013-10-16 13:27:40
from [Wei Chuang] [Permanent Link] 
Hi  Paul,


On Wed, Oct 16, 2013 at 9:42 AM, Paul Smith <paul(_at_)pscs(_dot_)co(_dot_)uk> 
wrote:


On 16/10/2013 11:04, Martijn Grooten wrote:


5. Recommendations

I don't claim to be an expert on user interfaces or in human
understanding of tehnical protocols, but do you really think that an
average user can
make an informed decision on whether to use an option that requires
secure channels for email delivery, but still allows for the email to be
read at many placed along delivery route, while generating the bounce in
case one of the channels can't be adequately secured?


This is my problem. I can see it being marketed as a 'way of sending
secure email' rather than a 'way of getting more bounces than successful
deliveries'.



As noted before, I don't have a fully satisfactory answer.  Perhaps:
1) consumer education
2) deployment to sophisticated users e.g. corporate users first
wait for the majority of the ecosystem to deploy SMTP STARTTLS
3) then deploy to all users

-Wei



It isn't going to make email totally 'secure' - but it will improve it so
I can see the advantage of the idea. However, I worry that end users will
just tick the box by default (who would choose to use the 'send insecure
email' option?) and then the people who manage the servers will be deluged
with problem reports about emails not being delivered.

At what level of 'secrecy' would you expect this to be used? For 'really
top secret messages', you'd be daft to use this, as it's not totally
secure. For 'my holiday photo messages' you'd be daft to use it, as they're
not secret, and you'd really rather the message got through than caring
that some CIA agent got to waste time looking at your picture of a mountain.



-

Paul Smith Computer Services
Tel: 01484 855800
Vat No: GB 685 6987 53

______________________________**_________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/**listinfo/ietf-smtp<https://www.ietf.org/mailman/listinfo/ietf-smtp>


_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-smtp] Request for discussion of Mandatory Secure Mail Delivery proposal (draft-wchuang-msmd), John Levine
Next by Date:  Re: [ietf-smtp] Request for discussion of Mandatory Secure Mail Delivery proposal (draft-wchuang-msmd), Martijn Grooten
Previous by Thread:  Re: [ietf-smtp] Request for discussion of Mandatory Secure Mail Delivery proposal (draft-wchuang-msmd), Paul Smith
Next by Thread:  Re: [ietf-smtp] Request for discussion of Mandatory Secure Mail Delivery proposal (draft-wchuang-msmd), Wei Chuang
Indexes:  [Date] [Thread] [Top] [All Lists]