[Top] [All Lists]

Re: [ietf-smtp] HTTPS degrading

2019-10-16 12:59:37
On 10/16/2019 3:03 AM, Keith Moore wrote:
On 10/15/19 11:30 PM, Hector Santos wrote:

What I am seeing for the first time ever in HTTP history, HTTP comm
I/O is ok, HTTPS is degraded by the ISP if self-signed.

How do you know that it's the ISP that's doing the degrading?

I provided detailed info off-list, but you're right. I don't know for sure, but the ISP escalation engineer has acknowledged the HTTPS degradation problem is occurring with WAN comm I/O. Not LAN comm I/O, and only HTTPS. HTTP is fine.

I am trying to get a handle on it. Technically, at this point, it appears when CA-signed certs are used or a HTTP 1.1 persistent socket connection is in play, this "mysterious," passive network security proxy degradation problem disappears. It appears to be new, isolated and experimental with my small biz as a guinea pig.

If SMTP operations evolve to where similar enforcement with CA-signed certs occurs, we probably won't see much of a degradation to notice anything since for the most part, it is a single-shot transfer of a payload. But with HTTPS, a page can have 10s, 100s of requests to complete the page display.


ietf-smtp mailing list