On Tue, Jan 8, 2019 at 6:25 PM Viruthagiri Thirumavalavan
<giri(_at_)dombox(_dot_)org>
wrote:
To be clear, this is the problem with Opportunistic TLS.
A guy who sends an email to AshleyMadison support team probably cheating
his wife. He can protect the real conversation by upgrading the connection
to a secure connection with the help of STARTTLS. But the handshake before
the upgrade goes like this in plain text.
220 mail.ashleymadison.com AshleyMadison ESMTP Service Ready
Ah, right, I misunderstood your use case. However, who is it who needs
privacy here? The end user is never going to connect to ashleymadison.com
..
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp