[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

Subject: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
From: valdis.kletnieks at vt.edu (valdis.kletnieks at vt.edu)
Date: Sat, 12 Jan 2019 00:03:18 -0500
In-reply-to: <CAOEezJQ2NMzFf+xjiZm6QLHfzkKUr-duFQTTecGL7TemzmKUOA@mail.gmail.com>
References: <CAOEezJQ0mJYvKW=SdbbE4ZC2Vx6_9FD5Z0SpkF2840r580vZ5w@mail.gmail.com> <CAP-guGUBp8oxkPrZR4_29xTmAMLnaN6b-ZudPsJ-v6vJoFqtGA@mail.gmail.com> <CAOEezJQCpErow45ErKvjAN6U+_=Lm-JLCp73LRfUrzCQpX5JUQ@mail.gmail.com> <CAP-guGWU2LLDw5AaBLoj2dJUV_6zhOE5O8dpyF9AGLzdsV1Ynw@mail.gmail.com> <CAOEezJRWm6Xa4Qf76zARG63Byh0Uto6fiExZ4r+mL6_GUQaSnw@mail.gmail.com> <CAP-guGVuixB3sa5G8AXKsSZv7cGEV+kU1jXhfrGLsG4f2vWEnA@mail.gmail.com> <[email protected]> <CAOEezJRXiMhUd3NorgjDDSLk6qMQ1NJ1x2BPyuEXvtFVq2HsmA@mail.gmail.com> <TY2PR03MB4525BD598C265696F136C33FF5860@TY2PR03MB4525.apcprd03.prod.outlook.com> <CAOEezJQ2NMzFf+xjiZm6QLHfzkKUr-duFQTTecGL7TemzmKUOA@mail.gmail.com>

On Sat, 12 Jan 2019 09:45:12 +0530, Viruthagiri Thirumavalavan said:

> When I originally drafted the SMTPS proposal, I thought those plaint text
> part before the STARTTLS command leaks some sensitive info.

So - given that multiple people have explained to you on the ietf-smtp list
that there's no really sensitive info before STARTTLS, what *exactly* does
your proposal buy us?  What *real* problem is port 26 fixing?

And is this something that *you* think is a problem, or that somebody who
runs an actual production mail system thinks is a problem?

References:
- SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
  - From: giri at dombox.org (Viruthagiri Thirumavalavan)
- SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
  - From: bill at herrin.us (William Herrin)
- SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
  - From: giri at dombox.org (Viruthagiri Thirumavalavan)
- SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
  - From: bill at herrin.us (William Herrin)
- SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
  - From: giri at dombox.org (Viruthagiri Thirumavalavan)
- SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
  - From: bill at herrin.us (William Herrin)
- SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
  - From: lists.nanog at monmotha.net (Brandon Martin)
- SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
  - From: giri at dombox.org (Viruthagiri Thirumavalavan)
- SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
  - From: ops.lists at gmail.com (Suresh Ramasubramanian)
- SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
  - From: giri at dombox.org (Viruthagiri Thirumavalavan)

Prev by Date: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
Next by Date: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
Previous by thread: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
Next by thread: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
Index(es):
- Date
- Thread