On Dec 26, 2019, at 5:03 PM, Keith Moore
<moore(_at_)network-heretics(_dot_)com> wrote:
To me it seems that all of this should be out-of-scope for 5321bis, or that
the only mention of this in 5321bis should be to declare such things
out-of-scope. Requiring hop-by-hop encryption would be the most disruptive
change in the history of SMTP, I think, far more so than EHLO.
It may well be too soon to *mandate* TLS, but we could perhaps MUST a
RECOMMENDED or a SHOULD for inter-domain relay of email.
Also SUBMIT on 587 is widely encrypted, and, for exampl, last 6 months of
Gmail's stats show north of 90% use of TLS, with a slightly more support
for TLS from client to server (inbound to Gmail) than at the server
(outbound from Gmail):
https://transparencyreport.google.com/safer-email/overview?encrypt_out=start:1560988800000;end:1577318400000;series:outbound&lu=encrypt_out&encrypt_in=start:1560988800000;end:1577318400000;series:inbound
What's sometimes left unencrypted is:
1. Submission and relay on "internal" networks, and
2. A diminishing, but not yet negligible fraction of
inter-domain relay traffic.
I don't think it would be unreasonable at this point to consider
at least "RECOMMENDED", and perhaps a "SHOULD" for use of STARTTLS
for case "2".
We could perhaps even "RECOMMEND" DANE and/or MTA-STS, but adoption
is much thinner for both[1].
--
--
Viktor.
[1]
I see 1.73 million DANE domains, and O(500) domains with MTA-STS DNS records.
DANE presently covers 2-3 orders of magnitude more domains, while MTA-STS
likely covers 1-2 orders of magnitude more users, given the user count of
Gmail vs. comcast.net, web.de, gmx.de, ...).
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp