[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Last Call: SMTP Service Extension for Secure SMTP over TLS to Proposed Standard

To: Keith Moore <moore@xxxxxxxxxx>
Subject: Re: Last Call: SMTP Service Extension for Secure SMTP over TLS to Proposed Standard
From: Eric Rescorla <ekr@xxxxxxxx>
Date: Mon, 09 Jul 2001 08:15:15 -0700
Cc: Paul Hoffman / IMC <phoffman@xxxxxxx>, ietf-apps-tls@xxxxxxx, ietf-smtp@xxxxxxx
In-reply-to: Your message of "Mon, 09 Jul 2001 10:51:47 EDT." <>
List-archive: <http://www.imc.org/ietf-apps-tls/mail-archive/>
List-id: <ietf-apps-tls.imc.org>
List-unsubscribe: <mailto:ietf-apps-tls-request@imc.org?body=unsubscribe>
Sender: owner-ietf-apps-tls@xxxxxxxxxxxx

> I guess I'm of the opinion that such knowledge must be explicitly configured 
> if MTAs are going to fail if it is not accurate - MTAs should not be making 
> guesses.
Disallowing this sort of caching makes autodiscovery a losing strategy
in any environment which includes active attack as part of its threat
model. I suspect that we'll have to suck that up but we should do
so conscious of the tradeoff.

-Ekr

References:
- Re: Last Call: SMTP Service Extension for Secure SMTP over TLS to Proposed Standard
  - From: Keith Moore

Prev by Date: Re: Last Call: SMTP Service Extension for Secure SMTP over TLS to Proposed Standard
Next by Date: Re: Last Call: SMTP Service Extension for Secure SMTP over TLS to Proposed Standard
Previous by thread: Re: Last Call: SMTP Service Extension for Secure SMTP over TLS to Proposed Standard
Next by thread: Re: Last Call: SMTP Service Extension for Secure SMTP over TLS to Proposed Standard
Index(es):
- Date
- Thread