Which all sounds like RFC 7525, the TLS BCP, that was published by this
very working group.
Thanks,
Yaron
On 23/10/17 14:09, Ivan Ristic wrote:
At present, STS doesn't impose any restrictions on the quality of the TLS
connection. Historically, new RFCs and protocols have been the only
opportunity to enforce better security. For comparison, HTTP/2
introduced a requirement to use TLS 1.2 and suites with forward security
and authenticated encryption.
I think something similar should be done with MTA-STS. In particular,
forward security strikes me as extremely important; however, the HTTP/2
approach seems sound overall.
--
Ivan
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta