ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: IETF mail server and SSLv3

2016-02-03 16:26:28
from [Derek Atkins] [Permanent Link] 
IETF Chair <chair(_at_)ietf(_dot_)org> writes:


For your information, while SSLv3 has been disabled on IETF web
servers, it has still been enabled on mail transport. The tools is
taking action to disable SSLv3 even on mail transport. After this, all
IETF web and mail servers support only TLS-based transport on secure
connections.

If you have any feedback regarding this, let me or the tools team know.


Have you disabled non-TLS SMTP transport, too?

If not, isn't there a chance that disabling SSLv3 will cause *SOME*
email to fallback to non-encrypted?


Jari Arkko, IETF Chair


-derek

-- 
       Derek Atkins                 617-623-3745
       derek(_at_)ihtfp(_dot_)com             www.ihtfp.com
       Computer and Internet Security Consultant
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IANA considerations and expert review across different streams (was Re: [IAB] Call for comment: <draft-iab-rfc5741bis-01> (On RFC Streams, Headers, and Boilerplates)), Graham Klyne
Next by Date:  Re: Last Call: <draft-mahesh-mef-urn-01.txt> (URN Namespace for MEF Documents) to Informational RFC, Mahesh Jethanandani
Previous by Thread:  Re: IANA considerations and expert review across different streams (was Re: [IAB] Call for comment: <draft-iab-rfc5741bis-01> (On RFC Streams, Headers, and Boilerplates)), Graham Klyne
Next by Thread:  Re: IETF mail server and SSLv3, Viktor Dukhovni
Indexes:  [Date] [Thread] [Top] [All Lists]