Re: [ietf-smtp] [Uta] New Version Notification for draft-levine-additional-registered-clauses-01

2019-01-25 15:39:28

Hiya,

On 25/01/2019 18:08, John R Levine wrote:
> I've uploaded a new version that reflects the recent discussions.
> Because I am a grumpy old guy I will not tell you what it says so if
> you want to know, you will have to read all four pages of it:

Sorry to have made you (more:-) grumpy, but I'm not sure
that's quite there. Easily fixed though.

> https://datatracker.ietf.org/doc/draft-levine-additional-registered-clauses/

1. In section two it'd be clearer I think if you explain
that "sni" and "esni" aren't meant to both be in the same
line (or however that's best said), but are alternatives.
Or, if that's not what you meant then you'd need to say
what you did mean. (Or it might be even simpler to go
back to one new thing called "sni" followed by either
a domain name or by the string "esni")

2. The new text in s4 is wrong, a mail server will
generally have access to the value from ESNI or the
h/s will likely fail, and the TLS server will treat
that as the SNI to use for server certificate selection.
The issue isn't that the server can't see the ESNI
value, just that it oughtn't pass it on. So for example
you might do this:

OLD:

   If the SNI information in a STARTTLS negotiation is exchanged in
   encrypted form [ESNI] a mail server would generally not have access
   to the SNI, and can only log that ESNI was used.

NEW:

   If the SNI information in a STARTTLS negotiation is exchanged in
   encrypted form [ESNI] a mail server SHOULD only log that ESNI
   was used, and not the actual name used.

Cheers,
S.

> Regards,
> John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
> Please consider the environment before reading this e-mail. https://jl.ly