
Re: [ietf-smtp] SMTP Over TLS on Port 26 - Implicit TLS Proposal

2019-01-07 10:21:36
Hello Mr. Klensin,

Thanks for the input.

You are right. I'm new here. This is my first RFC proposal. If you think my
solution gonna cause problems, then I have no problem if you reject my

On Mon, Jan 7, 2019 at 9:31 PM John C Klensin <john-ietf(_at_)jck(_dot_)com> 

--On Monday, January 7, 2019 18:12 +0530 Viruthagiri
Thirumavalavan <giri(_at_)dombox(_dot_)org> wrote:

I don't know what point you are trying to make, but while IDNA
can handle encoding of non-ASCII domain names to ACE (ASCII
Compatible Form) perfectly well, users tend to respond
negatively to A-label forms (if any of that terminology is
unfamiliar, see RFC 5890).  I did not suggest that such naming
conventions (whether as prefixes to labels or as subdomains)
would not work technically in the DNS, only that encoding
information that implies protocol-level action in DNS labels has
rarely, if ever, turned out to be a good idea.  I also note that
the examples, in which "smtps-" is used at the beginning of a
label that may be in a non-Latin script, are so-called "mixed
script" and that several groups who are concerned about
user-level spoofing and phishing consider mixed script labels to
be immediately suspicious.

Just for planning: due to other commitments, I'm unlikely to be
able to follow this list carefully or respond to messages
quickly during the rest of this week, so, if I don't respond to
what might otherwise be a conversation, please do not assume

Also, since your name is relatively new to me and mine may be
new to you, it might save time to tell you that I'm the author
or co-author of RFC 5321, 5890, 5891, 5894, and that I was
co-chair of the "EAI" working group and am co-author of a few of
its documents as well. I've been immersed in this stuff for a
rather long time and, while that doesn't make my views correct,
it, and the things that led to it, do imply a certain amount of
experience and perspective.


On Mon, Jan 7, 2019 at 6:11 PM John C Klensin
<john-ietf(_at_)jck(_dot_)com> wrote:

--On Monday, January 7, 2019 15:53 +0530 Viruthagiri
Thirumavalavan <giri(_at_)dombox(_dot_)org> wrote:

Trillions of mails are sent every year. Why do we have to waste
trillions of requests every year in trying for 465 when the
signalling step can be embedded in the mx host name?

Can you give me a good reason, not to go for my solution?

Borrowing a bit from the note I sent a few minutes ago (please
read it first), there are efforts all around the world to get
DNS names into local writing systems and compatible with the
writing systems used in local languages -- so-called
"internationalized domain names" or "IDNs". That effort has
already turned things like
into an ugly mess and invitation to assorted attacks,
especially if that script either looks a lot like Latin or is
mostly written right to left. Naming conventions have their
place and can be really convenient, but turning them into
protocol elements rather than hints for convenience is just a
really bad idea.

If DNS tricks are needed and useful, use SRV records.


Best Regards,

Viruthagiri Thirumavalavan
Dombox, Inc.
ietf-smtp mailing list
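
The mixed-script concern raised in the quoted message, as an added example that is not part of the original thread: a check that flags labels combining the Latin `smtps-` prefix with another script and shows the A-label form of each label. The host name is constructed, script detection from Unicode character names is an approximating assumption, and Python's built-in codec implements IDNA2003 rather than the IDNA2008 of RFC 5890.

```python
import unicodedata

PREFIX = "smtps-"  # label prefix used in the examples the thread discusses

def char_script(ch):
    """Approximate script = first word of the Unicode character name (assumption:
    the stdlib exposes no Script property). Digits and '-' are script-neutral."""
    if ch.isdigit() or ch == "-":
        return None
    name = unicodedata.name(ch, "")
    return name.split(" ")[0] if name else "UNKNOWN"

def to_a_label(label):
    """ACE form of one label, or None when the stdlib IDNA2003 codec rejects it."""
    try:
        return label.encode("idna").decode("ascii")
    except UnicodeError:
        return None

def audit_mx_host(host):
    """One finding per label: U-label, A-label, scripts seen, review flags."""
    findings = []
    for label in host.rstrip(".").split("."):
        if label.lower().startswith("xn--"):
            label = label.encode("ascii").decode("idna")  # show the U-label form
        scripts = sorted({s for s in map(char_script, label) if s})
        findings.append({
            "label": label,
            "a_label": to_a_label(label),
            "scripts": scripts,
            "has_prefix": label.lower().startswith(PREFIX),
            "mixed_script": len(scripts) > 1,
        })
    return findings

# Constructed sample: Latin prefix glued to a Cyrillic word, under a reserved TLD.
SAMPLE_HOST = "smtps-почта.example"

if __name__ == "__main__":
    for f in audit_mx_host(SAMPLE_HOST):
        print(f)
```
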