[Top] [All Lists]

Re: [ietf-smtp] How to encrypt SMTP?

2019-10-26 17:29:16

On Oct 26, 2019, at 5:05 PM, Viktor Dukhovni 
<ietf-dane(_at_)dukhovni(_dot_)org> wrote:

For mostly opportunistic TLS,
there's not much incentive to jump through complex TLS hoops.

Yes but IMO we should be moving toward a world in which TLS is mandatory for 
SMTP relay.    Clear guidance to implementors and operators on what TLS 
versions, cert algorithms, and ciphersuites a client and server should support, 
might help us get there.

(perhaps as a stepping stone, cleartext mail relay could be pessimized by 
having servers randomly return 4xx in response to MAIL sent without TLS, 
obsolete TLS, or weak ciphersuites, with the probability of such responses 
increasing over time.)

ietf-smtp mailing list