We were having a discussion on the possibility of disabling TLS 1.0 and 1.1 for 
MTA-to-MTA communication, and based on the numbers we've seen so far, it 
doesn't look that far-fetched.
What's the common consensus in the mail community about this currently?

I don't really see the point, unless the goal is to marginally improve security while causing compatibility issues with other folks on the Internet.

The MTA-MTA encryption is weak at best: because the client doesn't (can't, actually) verify that the certificate is appropriate for that MTA, any MITM attack is easily accomplished. End users get virtually no indication that the message was or wasn't encrypted in transit, and there is no accepted mechanism to force encryption in the first place.

So this change would edge it up in one direction while leaving all of the gaping holes untouched. And, absolutely, you would cause compatibility issues with some folks. So the end result is going to be no increase in security and a decrease in interoperability.

MTA-MTA encryption is like locks on doors: they keep honest people honest, and bored people from looking at your correspondence. It's nice to have and certainly better than having every bit of email whizzing around in plaintext (maybe... as I wrote that I decided I'm not so sure), but you're just asking for trouble if you start to get all secret-agent-man secure.

Note that this is NOT a bad idea for anyone doing IMAP or SMTP submission---those obviously are places where strong encryption is invaluable and recent versions of TLS are required to exercise your standard duty of care. But MTA-MTA... I'm going to go with "meh" on that one.

jms

--
Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Senior Partner, Opus One       Phone: +1 520 324 0494
j...@opus1.com                http://www.opus1.com/jms
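The "numbers we've seen so far" are the part of this decision worth pinning down from your own logs before refusing anything. As an added example (not from the thread or either poster), here is a Python parser over constructed Postfix-style TLS log lines (the line format is Postfix's; the hosts, addresses and timestamps are made up) that counts, per direction, the negotiated protocol versions and the certificate verification level Postfix recorded (Anonymous/Untrusted/Trusted/Verified), and lists the peers that would be affected by refusing TLS 1.0 and 1.1.

```python
import re
from collections import Counter

# Constructed sample of Postfix TLS log lines (not taken from the thread).
# "smtp" is the outbound client, "smtpd" the inbound server; the word before
# "TLS connection" is how far Postfix could verify the peer certificate.
SAMPLE_LOG = """\
Mar  3 10:01:12 mx postfix/smtp[2101]: Untrusted TLS connection established to mx1.example.net[192.0.2.10]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Mar  3 10:01:19 mx postfix/smtp[2102]: Anonymous TLS connection established to mail.example.org[198.51.100.7]:25: TLSv1 with cipher AES256-SHA (256/256 bits)
Mar  3 10:02:03 mx postfix/smtpd[2110]: Anonymous TLS connection established from relay.example.com[203.0.113.5]: TLSv1.1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)
Mar  3 10:02:44 mx postfix/smtpd[2111]: Trusted TLS connection established from mta.example.net[192.0.2.22]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
Mar  3 10:03:10 mx postfix/smtp[2103]: Verified TLS connection established to mx2.example.net[192.0.2.11]:25: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Mar  3 10:03:30 mx postfix/smtp[2104]: connect to mx.example.edu[203.0.113.77]:25: Connection timed out
"""

LINE_RE = re.compile(
    r"postfix/(?P<prog>smtpd?)\[\d+\]: "
    r"(?P<trust>Anonymous|Untrusted|Trusted|Verified) TLS connection established "
    r"(?:to|from) (?P<peer>[^\s:]+\[[^\]]+\])(?::\d+)?: (?P<proto>TLSv1(?:\.\d)?|SSLv3) with cipher"
)

LEGACY = {"SSLv3", "TLSv1", "TLSv1.1"}  # versions a >= TLS 1.2 policy would refuse

def parse_tls_lines(text):
    """Yield (direction, trust, peer, protocol) for every TLS handshake line."""
    for m in LINE_RE.finditer(text):
        direction = "inbound" if m.group("prog") == "smtpd" else "outbound"
        yield direction, m.group("trust"), m.group("peer"), m.group("proto")

def summarize(text):
    """Per direction: protocol counts, trust-level counts and the peers that
    would be cut off (or drop to cleartext) if legacy versions were refused."""
    report = {}
    for direction, trust, peer, proto in parse_tls_lines(text):
        d = report.setdefault(direction, {"proto": Counter(), "trust": Counter(), "legacy_peers": set()})
        d["proto"][proto] += 1
        d["trust"][trust] += 1
        if proto in LEGACY:
            d["legacy_peers"].add(peer)
    return report

def legacy_ratio(report, direction):
    """(legacy handshakes, all handshakes) for one direction; (0, 0) if none seen."""
    d = report.get(direction)
    if not d:
        return (0, 0)
    total = sum(d["proto"].values())
    return (sum(n for p, n in d["proto"].items() if p in LEGACY), total)

if __name__ == "__main__":
    rep = summarize(SAMPLE_LOG)
    for direction, d in rep.items():
        print(direction, dict(d["proto"]), dict(d["trust"]), sorted(d["legacy_peers"]))
```

Run it against a real mail log instead of SAMPLE_LOG; the trust counts also show how rarely outbound handshakes reach "Verified", which is the verification gap the reply above describes.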

_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop