SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

William Herrin bill at herrin.us
Sat Jan 12 02:52:23 UTC 2019


On Fri, Jan 11, 2019 at 6:14 PM Viruthagiri Thirumavalavan
<giri at dombox.org> wrote:
>> While we're at it, let's deprecate IPv4 now that IPv6 is fully deployed
>
> Come on Mr. Herrin.

Hi Viruthagiri,

If you don't want to face the hyperbole then don't stick your head in
the sand. Unless you grossly underestimate the cost of operations
change, you propose to make the spam problem worse for some nontrivial
period of time. In exchange, you offer an explanation for how a new
port will succeed where starttls fails that frankly doesn't hold
water. Any scenario where starttls is disrupted is at least as
vulnerable to a new tcp port being blocked.

Your other idea of signaling via DNS that a man in the middle is
present if the target SMTP server fails to support encryption could
have merit. I think the specific mechanism (overloading the host name)
is unwise but I'd be interested to see the concept developed further.

Regards,
Bill Herrin

-- 
William Herrin ................ herrin at dirtside.com  bill at herrin.us
Dirtside Systems ......... Web: <http://www.dirtside.com/>
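The DNS-signalling idea in the second paragraph, as an added example that is not code from the thread or from the proposal under discussion: a sending client compares a DNS-published "encryption expected" signal against what the receiving server's EHLO reply actually advertises, so a stripped STARTTLS capability becomes detectable instead of looking like a server that never supported TLS. The TXT-style record format (`v=smtptls1; tls=required`) is a hypothetical stand-in, not the host-name encoding Bill objects to, and the EHLO replies are constructed samples.

```python
import re

# Constructed samples (not captured traffic). The record format is hypothetical.
POLICY_REQUIRED = "v=smtptls1; tls=required"
EHLO_WITH_TLS = (
    "250-mx.example.net Hello client.example.org\r\n"
    "250-SIZE 52428800\r\n"
    "250-STARTTLS\r\n"
    "250 8BITMIME\r\n"
)
# The same server as seen through a middlebox that removed the STARTTLS line.
EHLO_STRIPPED = (
    "250-mx.example.net Hello client.example.org\r\n"
    "250-SIZE 52428800\r\n"
    "250 8BITMIME\r\n"
)


def parse_ehlo(reply: str) -> set:
    """Return the capability keywords from a multi-line 250 EHLO reply."""
    lines = [l.strip() for l in reply.splitlines() if l.strip()]
    caps = set()
    for line in lines[1:]:  # first 250 line carries the server domain, not a capability
        m = re.match(r"^250[ -](\S+)", line)
        if m:
            caps.add(m.group(1).upper())
    return caps


def parse_policy(txt: str) -> dict:
    """Parse the hypothetical 'k=v; k=v' TXT record into a dict (keys lower-cased)."""
    out = {}
    for part in txt.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            out[k.strip().lower()] = v.strip().lower()
    return out


def assess(policy_txt: str, ehlo_reply: str) -> str:
    """Classify the connection: 'ok', 'downgrade-suspected', or 'no-policy'.

    Without a DNS signal a missing STARTTLS is indistinguishable from a server
    that never offered it; with the signal the same reply is a detectable downgrade.
    """
    policy = parse_policy(policy_txt) if policy_txt else {}
    if policy.get("tls") != "required":
        return "no-policy"
    return "ok" if "STARTTLS" in parse_ehlo(ehlo_reply) else "downgrade-suspected"
```

Note that this only detects the stripping; as the first paragraph points out, an attacker who can strip STARTTLS can equally block a dedicated port, so the signal changes what the client can observe, not what the attacker can do.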
