ietf-smtp
[Top] [All Lists]

Re: [ietf-smtp] Request for discussion of Mandatory Secure Mail Delivery proposal (draft-wchuang-msmd)

2013-10-16 13:30:13


-----Original Message-----
From: ietf-smtp-bounces(_at_)ietf(_dot_)org 
[mailto:ietf-smtp-bounces(_at_)ietf(_dot_)org] On
Behalf Of John Levine
Sent: Wednesday, October 16, 2013 2:24 PM
To: ietf-smtp(_at_)ietf(_dot_)org
Cc: weihaw(_at_)google(_dot_)com
Subject: Re: [ietf-smtp] Request for discussion of Mandatory Secure Mail
Delivery proposal (draft-wchuang-msmd)

I agree, and if adopted and deployed, it will require user
education/and careful consideration during deployment not to overstate
what this does.

Given how complex this proposal is, I'm wondering whether it wouldn't be
better to do something entirely within the channel, e.g., whole message
encryption using DKIM keys.  It would accomplish pretty much the same
thing, while requiring much less of intermediate mail systems.

R's,
John

John,

Presumably you are referring to using the destination domain DKIM keys to 
encrypt (please correct me if I am wrong). This may work well at the domain 
level (I'm assuming alignment) but there may be operational issues when the 
receiving MTA is different from the domains sending (signing) servers. I think 
using DKIM is certainly worth examining. During the DKIM working group 
discussions we had discussed the possibility of leveraging it beyond the 
initial intended purpose.

Mike
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp

<Prev in Thread] Current Thread [Next in Thread>