
Re: [ietf-smtp] [Uta] New Version Notification for draft-levine-additional-registered-clauses-01

2019-01-25 15:39:28

Hiya,

On 25/01/2019 18:08, John R Levine wrote:
> I've uploaded a new version that reflects the recent discussions.
>
> Because I am a grumpy old guy I will not tell you what it says so if you
> want to know, you will have to read all four pages of it:

Sorry to have made you (more :-) grumpy, but I'm not sure that's
quite there. Easily fixed though.


> https://datatracker.ietf.org/doc/draft-levine-additional-registered-clauses/

1. In section two it'd be clearer I think if you explain that
"sni" and "esni" aren't meant to both be in the same line (or
however that's best said), but are alternatives. Or, if that's
not what you meant then you'd need to say what you did mean.
(Or it might be even simpler to go back to one new thing called
"sni" followed by either a domain name or by the string "esni")

2. The new text in s4 is wrong: a mail server will generally
have access to the value from ESNI, or the h/s will likely fail,
and the TLS server will treat that as the SNI to use for server
certificate selection. The issue isn't that the server can't
see the ESNI value, just that it oughtn't pass it on. So for
example you might do this:

OLD:

   If the SNI information in a STARTTLS negotiation is exchanged in
   encrypted form [ESNI] a mail server would generally not have access
   to the SNI, and can only log that ESNI was used.

NEW:

   If the SNI information in a STARTTLS negotiation is exchanged in
   encrypted form [ESNI] a mail server SHOULD only log that ESNI was
   used, and not the actual name used.

Cheers,
S.

