Hiya, On 25/01/2019 22:11, Viktor Dukhovni wrote: > Like John, I am very skeptical about the applicability of ESNI to > SMTP.
I also agree with John and you that ESNI doesn't seem compelling for SMTP. Nonetheless, I'm often wrong, and maybe in this case too, so if ESNI is seen to be used then handling it conservatively seems wiser. > The sender's MSA is generally stable over long time scales, and is > easily deduced from the sender's email address. The names of SMTP > relays have little bearing on user privacy. Yes. ISTM the ESNI discussion in this thread is more about "least surprise" and not really directly about privacy. > If one is to make a priority of sender privacy, one would focus on > not recording the submission IP address. That is an interesting topic - if there were energy enough for trying to really tackle (re-)balancing the various trade-offs in mail metadata handling that have historically not really considered privacy, then that'd be great. Part of that is the general topic John mentioned earlier about redacting information in mail header fields. TBH, I'd be surprised but happy if folks had the energy for that, but I'm also pretty sure that'd deserve it's own thread, then mailing list and, maybe WG:-) > Hiding the well known MSA or > SMTP relay name is not worth the trouble. Partly agree. Not exposing it after the MTA admin has chosen to try hide it is IMO worth a well-crafted sentence in John's draft and a handful of lines of code. Cheers, S.
0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
