
Re: [ietf-smtp] SMTP Over TLS on Port 26 - Implicit TLS Proposal

2019-01-08 12:43:44
On Jan 8, 2019, at 12:23 PM, valdis.kletnieks@vt.edu wrote:
Hint: If starttls is subject to a downgrade attack, what prevents the same attack against the same pair of hosts attempting smtps instead?

IOW, if the server is only listening on port 26, and the client is being 
MITM'd, the attacker can listen on port 25 and then tunnel the client 
connection to the server's port 26.  Only if the client knows that the server 
supports TLS can you prevent a downgrade, and then STARTTLS works fine.   So 
you need some secure way of signaling this, e.g. DNSSEC, and if you have that, 
then you don't need a second port allocation.
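As an added illustration (not code from this thread), a small Python simulation of the client's fallback logic: the same outbound MTA is run against an honest path and against the on-path attacker described above, who blocks port 26 and answers port 25 in the clear. Only a securely learned "TLS required" policy (e.g. a DNSSEC-backed record, modelled here as a boolean) makes the client fail closed; port 26, the hostnames and the network callbacks are constructed.

```python
# Added simulation (not code from the thread): one outbound SMTP client run against
# an honest path and against the on-path attacker described above. Port 26, the
# hostnames and the network callbacks are constructed for the simulation.
IMPLICIT_TLS_PORT = 26   # hypothetical implicit-TLS port from the proposal
SMTP_PORT = 25

def honest_network(port):
    """Unmodified path: implicit TLS on 26, STARTTLS advertised on 25.
    Returns (connected, ehlo_lines, tls_already_negotiated)."""
    if port == IMPLICIT_TLS_PORT:
        return True, ["250-mail.example.test", "250 8BITMIME"], True
    if port == SMTP_PORT:
        return True, ["250-mail.example.test", "250-STARTTLS", "250 8BITMIME"], False
    return False, [], False

def mitm_network(port):
    """Attacker on path: port 26 is blackholed, port 25 is answered in the clear
    with STARTTLS removed. From the client's view this is the same as the
    attacker tunnelling the cleartext session on to the real server's port 26."""
    if port == SMTP_PORT:
        return True, ["250-mail.example.test", "250 8BITMIME"], False
    return False, [], False

def offers_starttls(ehlo_lines):
    """Parse a multi-line EHLO response for the STARTTLS keyword (RFC 3207)."""
    for line in ehlo_lines:
        if line[:3] == "250" and line[3:4] in ("-", " ") and line[4:].strip():
            if line[4:].split(None, 1)[0].upper() == "STARTTLS":
                return True
    return False

def deliver(network, tls_required):
    """Decide the transport for one delivery.
    tls_required models a securely learned policy (e.g. a DNSSEC-signed record
    saying 'this server always does TLS'). Without it the client cannot tell a
    blocked port 26 from a server that never had one, so it falls back."""
    connected, _, tls = network(IMPLICIT_TLS_PORT)
    if connected and tls:
        return "tls:26"
    connected, ehlo, _ = network(SMTP_PORT)
    if not connected:
        return "undeliverable"
    if offers_starttls(ehlo):
        return "tls:25"          # STARTTLS works fine when it is not stripped
    if tls_required:
        return "refused"         # fail closed: the secure signal says TLS exists
    return "cleartext:25"        # downgraded: no signal, so fallback is accepted
```

Running `deliver` with both networks and both policy values shows that the port allocation changes nothing: the attacker wins exactly when `tls_required` is unknown, and the secure signal alone decides the outcome.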

_______________________________________________
ietf-smtp mailing list
ietf-smtp@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-smtp