
Re: [saag]: Review of: Opportunistic Security -03 preview for comment

2014-08-15 16:07:16
On Fri, 15 Aug 2014, Viktor Dukhovni wrote:

>> This draft proposes encryption in the possible absence of
>> authentication.

> No, this draft proposes encryption in the presence of peer encryption
> support, and authentication in the presence of peer authentication
> support as determined via suitable peer signalling mechanisms.

We already have drafts/RFCs for using advertised authenticated encryption,
such as webpki and DANE. This draft adds an opportune component
to strongly recommend unauthenticated encryption over cleartext in the
ABSENCE of support for other drafts/RFCs for authenticated encryption.

>> While I can call it privacy or encryption,
>> I have a very hard time calling it security.

> Opportunistic DANE TLS for SMTP is security.

Some disagree about the use of the term opportunistic in this case.
If an SMTP client supports DANE, and is contacting an SMTP server
supporting DANE, there is nothing opportunistic about it. It MUST use
encryption and MUST NOT fall back to cleartext.

> It is security against passive attacks,
> that is, for a different threat model.

I don't disagree. But it is still only encryption.

> I would have objected regardless.  Opportunistic security is a
> better match than OE for the content of the draft.  I would not
> have objected to Opportunistic Cryptosecurity, but it is not a
> compelling improvement.

While not compelling, it is an improvement :P

Paul
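The distinction drawn in the reply above, between a DANE-capable peer (encryption and authentication mandatory, no cleartext fallback) and the opportunistic case (encrypt when offered, otherwise cleartext), modelled as a client-side policy function. This is an added example, not code from the thread, the draft or any MTA; the signal names, the outcome strings and the fallback-after-handshake-failure rule are assumptions of this model.

```python
from dataclasses import dataclass
from enum import Enum


class Policy(Enum):
    CLEARTEXT = "cleartext"              # no TLS support signalled by the peer
    OPPORTUNISTIC_TLS = "opportunistic"  # encrypt if possible, no authentication
    DANE_TLS = "dane"                    # authenticated TLS required, never fall back


@dataclass
class PeerSignals:
    """Constructed inputs an SMTP client learns before/while connecting (hypothetical names)."""
    tlsa_present: bool        # a TLSA RRset exists for the MX host
    dnssec_validated: bool    # the TLSA lookup came back DNSSEC-validated (AD bit set)
    starttls_offered: bool    # the server advertised STARTTLS in its EHLO reply
    handshake_ok: bool        # the TLS handshake completed
    cert_matches_tlsa: bool   # the presented certificate matched a TLSA record


def select_policy(sig: PeerSignals) -> Policy:
    # TLSA data that is not DNSSEC-validated could have been forged or stripped,
    # so it is treated exactly like "no TLSA records": opportunistic at best.
    if sig.tlsa_present and sig.dnssec_validated:
        return Policy.DANE_TLS
    if sig.starttls_offered:
        return Policy.OPPORTUNISTIC_TLS
    return Policy.CLEARTEXT


def deliver(sig: PeerSignals) -> str:
    """Return 'delivered:<channel>' or 'deferred:<reason>' for one connection attempt."""
    policy = select_policy(sig)
    if policy is Policy.DANE_TLS:
        # Peer signalled DANE support: encryption and authentication are mandatory,
        # and any failure defers the message instead of downgrading.
        if not sig.starttls_offered:
            return "deferred:dane-peer-without-starttls"
        if not sig.handshake_ok:
            return "deferred:tls-handshake-failed"
        if not sig.cert_matches_tlsa:
            return "deferred:certificate-does-not-match-tlsa"
        return "delivered:authenticated-tls"
    if policy is Policy.OPPORTUNISTIC_TLS:
        # No authentication is possible; encryption is preferred over cleartext.
        # Modelled assumption: a failed handshake falls back to cleartext.
        if sig.handshake_ok:
            return "delivered:unauthenticated-tls"
        return "delivered:cleartext-after-tls-failure"
    return "delivered:cleartext"
```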