On 12/26/19 5:37 PM, Viktor Dukhovni wrote:
To me it seems that all of this should be out-of-scope for 5321bis, or that the
only mention of this in 5321bis should be to declare such things out-of-scope.
Requiring hop-by-hop encryption would be the most disruptive change in the
history of SMTP, I think, far more so than EHLO.
It may well be too soon to*mandate* TLS, but we could perhaps MUST a
RECOMMENDED or a SHOULD for inter-domain relay of email.
I'd support a carefully-worded recommendation to use TLS when relaying,
as long as it didn't (yet) recommend blocking mail based on absence of
TLS and (probably) cautioned against doing so outside of some narrow
corner cases.
I suspect that there are a lot of devices out there sending cleartext
mail, that probably can't be upgraded for the useful lifetime of the
device. And using TLS to send mail from a device, actually makes the
device more fragile because it implies a need to upgrade the CAs that
the device trusts.
(I do also wonder how many existing SMTP servers can handle TLS with
client certificates, because that seems like that would also be a
recommendation worth considering.)
Keith
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp