On 1/7/19 6:55 PM, Peter Gutmann wrote:
> Alice Wonder <[email protected]> writes:
>
>> I'm a privacy zealot
>
> So how would deprecating opportunistic TLS help in that regard?
>
> Peter.
MX servers would not be violating RFC if they rejected plain text connection attempts (over 90% of which these days are spam).
MX servers would be violating RFC if they did accept plain text connections.
This will virtually eliminate passive attacks that log non-encrypted traffic. The TLS 1.3+ requirement makes it less worthwhile to log encrypted traffic because the secrets used for the ciphers are ephemeral.
Btw, in the 00s I knew a tech at a large Silicon Valley data center who bragged that he logged SMTP traffic and had scripts to look for potential insider trading information. Whether he actually did or not I do not know, but it is very possible he did.
There are good reasons to encrypt as much as possible.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
