Re: [saag]: Review of: Opportunistic Security -03 preview for comment

ietf

Re: [saag]: Review of: Opportunistic Security -03 preview for comment

2014-08-15 16:20:45

On Fri, Aug 15, 2014 at 05:06:45PM -0400, Paul Wouters wrote:

Opportunistic DANE TLS for SMTP is security


Some disagree about the use of the term opportunistic in this case.
If an SMTP client supports DANE, and is contacting an SMTP server
supporting DANE, there is nothing opportunistic about it. It MUST use
encryption and MUST NOT fall back to cleartext.


This myopically focuses on a single interaction of the protocol.
When an SMTP client supports DANE, it applies DANE security when
TLSA RRs are present, and not when they absent.  The use of DANE
is opportunistic.  

Thus the clumsy phrase "opportunistically employed" in the current
draft.  If anyone can suggest better language, please send a patch
for the XML:

    git clone https://github.com/vdukhovni/saag.git

-- 
        Viktor.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
RE: [saag]: Review of: Opportunistic Security -03 preview for comment, (continued) RE: [saag]: Review of: Opportunistic Security -03 preview for comment, l.wood Re: [saag] : Review of: Opportunistic Security -03 preview for comment, Theodore Ts'o DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment), Nico Williams Message not available Re: [saag] : Review of: Opportunistic Security -03 preview for comment, Benjamin Kaduk Re: Review of: Opportunistic Security -03 preview for comment, Paul Wouters Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Viktor Dukhovni Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Paul Wouters Re: [saag] : Review of: Opportunistic Security -03 preview for comment, Benjamin Kaduk Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Viktor Dukhovni Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Paul Wouters Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Viktor Dukhovni <= Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Nico Williams

Previous by Date:	Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Viktor Dukhovni
Next by Date:	Re: Last Call: <draft-dukhovni-opportunistic-security-01.txt> (Opportunistic Security: some protection most of the time) to Informational RFC, Stephen Kent
Previous by Thread:	Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Paul Wouters
Next by Thread:	Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Nico Williams
Indexes:	[Date] [Thread] [Top] [All Lists]