Below is the announcement of a draft I just submitted that may be of
interest to this list. The approach here is complementary to the other
proposals I have seen along these lines (e.g., smtp-sts).
Thoughts, reviews, etc. welcomed.
-Jim
-------- Forwarded Message --------
Subject: New Version Notification for
draft-fenton-smtp-require-tls-00.txt
Date: Sun, 10 Jan 2016 14:21:37 -0800
From: internet-drafts(_at_)ietf(_dot_)org
To: Jim Fenton <fenton(_at_)bluepopcorn(_dot_)net>
A new version of I-D, draft-fenton-smtp-require-tls-00.txt
has been successfully submitted by Jim Fenton and posted to the
IETF repository.
Name: draft-fenton-smtp-require-tls
Revision: 00
Title: SMTP Require TLS Option
Document date: 2016-01-10
Group: Individual Submission
Pages: 7
URL:
https://www.ietf.org/internet-drafts/draft-fenton-smtp-require-tls-00.txt
Status: https://datatracker.ietf.org/doc/draft-fenton-smtp-require-tls/
Htmlized: https://tools.ietf.org/html/draft-fenton-smtp-require-tls-00
Abstract:
The SMTP STARTTLS option, used in negotiating transport-level
encryption of SMTP connections, is not as useful from a security
standpoint as it might be because of its opportunistic nature;
message delivery is prioritized over security. This document
describes a complementary option, REQUIRETLS, which causes message
delivery to fail if a TLS connection with the required security
characteristics cannot be negotiated with the next hop MTA or if that
MTA does not also support REQUIRETLS. Message originators may
therefore expect transport security for messages sent with this
option.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp