yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

John Levine johnl at iecc.com
Sat Jan 12 20:44:46 UTC 2019


In article <CAOEezJQ0mJYvKW=SdbbE4ZC2Vx6_9FD5Z0SpkF2840r580vZ5w at mail.gmail.com> you write:
>What IETF Mailing list thinks? - "Implicit TLS doesn't offer any additional
>security than a downgrade protected STARTTLS. Let's not waste a port."

He's forum shopping.  He's already taken this to two IETF lists and
we've explained to him why it's not a good idea.

If you want to say that all your mail servers use TLS, we already have
DANE for people who can deal with DNSSEC and MTA-STS for people who
can't (or don't want to for whatever reason.)  We do not need yet
another hack, particularly one which attempts to reserve string
patterns in DNS names.

R's,
John



More information about the NANOG mailing list