Hi Alexey,

I've just seen that the IMAP specification (RFC 3501) mentions in
Section 11.1 that "IMAP client and server implementations MUST
implement the TLS_RSA_WITH_RC4_128_MD5 [TLS] cipher suite". Section
11.1 also does not give the latest recommendations for certificate
validation.

Shouldn't it be updated in favour of following RFC 7525 (BCP for
TLS) and RFC 6125 (guideline for certificate validation)?

Yes, that would be a good idea.

Could the part about the cipher suites be included in a future version of draft-ietf-uta-email-deep?
(The part about certificate validation was dealt with by RFC 7817.)

draft-ietf-uta-email-deep already updates RFC 3501, and its goal is to improve email confidentiality between a mail user agent and a mail submission or mail access server, so I believe referencing RFC 7525 would be in the scope of this document. draft-ietf-uta-email-deep could then update Sections 2.1 and 2.2 of RFC 2595 (Using TLS with IMAP, POP3 and ACAP) and Section 11.1 of RFC 3501 (IMAPv4) to no longer require these obsolete cipher suites. The latest recommendation of RFC 7525 should just be followed.

--
Julien ÉLIE

"It was nothing but a sword stroke in the water." (Astérix)

_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
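
For reference, an added example (not part of the original message or of any draft) of an IMAP client TLS context that follows the RFC 7525 guidance discussed above instead of RFC 3501's mandatory TLS_RSA_WITH_RC4_128_MD5 (OpenSSL name `RC4-MD5`), with a small audit of what it enables. The helper names are hypothetical, cipher names are OpenSSL's, and the TLS 1.2 floor is a choice made here.

```python
import ssl

# OpenSSL names of the four suites recommended in RFC 7525, section 4.2.
RECOMMENDED = {
    "ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-GCM-SHA384",
    "DHE-RSA-AES128-GCM-SHA256", "DHE-RSA-AES256-GCM-SHA384",
}
# Name tokens of suites RFC 7525, section 4.1 rules out: RC4, NULL, export.
FORBIDDEN_TOKENS = {"RC4", "NULL", "EXP"}


def classify(names):
    """Map each OpenSSL cipher name to forbidden / recommended / unlisted."""
    verdicts = {}
    for name in names:
        if FORBIDDEN_TOKENS & set(name.split("-")):
            verdicts[name] = "forbidden"
        elif name in RECOMMENDED:
            verdicts[name] = "recommended"
        else:
            verdicts[name] = "unlisted"  # e.g. ECDSA or TLS 1.3 suites
    return verdicts


def imap_client_context():
    """Client context for IMAP over TLS (hypothetical helper name)."""
    ctx = ssl.create_default_context()  # verifies chain and host name
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:DHE+AESGCM:!aNULL:!eNULL")
    return ctx


def audit(ctx):
    """Return a list of findings for a client SSLContext."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED or not ctx.check_hostname:
        findings.append("server certificate or host name not verified")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions below TLS 1.2 allowed")
    verdicts = classify(c["name"] for c in ctx.get_ciphers())
    findings += [f"forbidden suite enabled: {n}"
                 for n, v in verdicts.items() if v == "forbidden"]
    if "recommended" not in verdicts.values():
        findings.append("no RFC 7525 recommended suite enabled")
    return findings
```

The resulting context can be passed as `ssl_context` to `imaplib.IMAP4_SSL` or `IMAP4.starttls`.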
