On Thursday 29 July 2021 06:46:32 CEST, Claus Assmann wrote:
> On Wed, Jul 28, 2021, John Levine wrote:
>> I have trouble imagining an actual threat, and even more trouble imagining
>> one where an ALPN would make any difference.
> Isn't this what "ALPACA" is about?

ALPN defends against that attack by making other ALPNs different from what
code running on the VM inside a web browser requires.
In this case, we're talking about whether there is one different ALPN or
four. Either case suffices to protect email servers from being involved in
attacks against web browsers.
Four means that a malevolent server cannot fool code that expects to
connect to an IMAP server into connecting to an SMTP server and revealing
secrets (e.g. by sending an APPEND command). But IMAP clients don't run
server-supplied code, and don't contain VMs that could protect against
malevolent server-supplied code by checking ALPN.
I like having one ALPN identifier rather than four, since it requires a
smaller change to email clients that share/reuse code for using TLS within
ietf-smtp mailing list
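The ALPN defence the thread is discussing, as an added Go example (not code from the thread or from any of its participants): a mail server sets its own ALPN identifier, so a TLS client that negotiated a different identifier, or none at all, never reaches the mail protocol. The example stands up a TLS 1.3 server on loopback with a throwaway self-signed certificate and reports the server's verdict for three clients. The identifier strings "smtp", "imap" and "mail", the hostname mail.example.test, and the connect/Outcome names are constructed for this example only; the thread does not give the actual identifier values.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// Outcome is the server's view of one connection attempt.
type Outcome struct {
	Accepted   bool   // handshake completed and the ALPN policy was satisfied
	Negotiated string // ALPN identifier agreed on, "" if none
	Reason     string // why the server refused, "" when accepted
}

// serverName is a constructed hostname used only inside this example.
const serverName = "mail.example.test"

// selfSignedCert builds a throwaway P-256 certificate for serverName and a
// pool that trusts it, so the example runs offline with no real PKI.
func selfSignedCert() (tls.Certificate, *x509.CertPool, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: serverName},
		DNSNames:     []string{serverName},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	leaf, err := x509.ParseCertificate(der)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, pool, nil
}

// connect runs one TLS 1.3 handshake over loopback TCP. The server advertises
// serverProtos and insists that an ALPN identifier is actually negotiated;
// the client offers clientProtos (nil means no ALPN extension at all).
func connect(serverProtos, clientProtos []string) Outcome {
	cert, pool, err := selfSignedCert()
	if err != nil {
		return Outcome{Reason: err.Error()}
	}
	serverCfg := &tls.Config{
		Certificates: []tls.Certificate{cert},
		MinVersion:   tls.VersionTLS13,
		// With NextProtos set, crypto/tls aborts the handshake with a
		// no_application_protocol alert when the client's ALPN values do not
		// overlap with ours: a client built for another protocol is cut off.
		NextProtos: serverProtos,
		// Stricter policy on top of that: a client that sent no ALPN at all
		// is refused too, so an ALPN-unaware client cannot slip through.
		VerifyConnection: func(cs tls.ConnectionState) error {
			if cs.NegotiatedProtocol == "" {
				return errors.New("client offered no ALPN identifier")
			}
			return nil
		},
	}
	clientCfg := &tls.Config{
		RootCAs:    pool,
		ServerName: serverName,
		MinVersion: tls.VersionTLS13,
		NextProtos: clientProtos,
	}

	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return Outcome{Reason: err.Error()}
	}
	defer ln.Close()

	done := make(chan Outcome, 1)
	go func() {
		raw, err := ln.Accept()
		if err != nil {
			done <- Outcome{Reason: err.Error()}
			return
		}
		defer raw.Close()
		srv := tls.Server(raw, serverCfg)
		if err := srv.Handshake(); err != nil {
			done <- Outcome{Reason: err.Error()}
			return
		}
		done <- Outcome{Accepted: true, Negotiated: srv.ConnectionState().NegotiatedProtocol}
	}()

	// A mismatch surfaces on the client as a handshake error, but a missing
	// ALPN is only caught by the server, so we always report the server's verdict.
	if cli, err := tls.Dial("tcp", ln.Addr().String(), clientCfg); err == nil {
		defer cli.Close()
	}
	return <-done
}

func main() {
	cases := []struct{ server, client []string }{
		{[]string{"smtp"}, []string{"smtp"}}, // same identifier: accepted
		{[]string{"smtp"}, []string{"imap"}}, // cross-protocol client: refused at the handshake
		{[]string{"smtp"}, nil},              // client without ALPN: refused by policy
	}
	for _, c := range cases {
		fmt.Printf("server %v / client %v -> %+v\n", c.server, c.client, connect(c.server, c.client))
	}
}
```

Run as-is it prints the three verdicts. On the one-versus-four question: a single shared identifier (say "mail" on both sides) passes this check just as well as a per-protocol one, because either way the mail identifier differs from what an HTTP-driven connection negotiates; only separate identifiers additionally keep the mail protocols apart from each other, which is the distinction the thread is weighing.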