Ben Campbell has entered the following ballot position for draft-ietf-uta-smtp-require-tls-07: Yes
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-uta-smtp-require-tls/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thanks for this. I am balloting "yes", but I have a couple of questions. (The first would border on a DISCUSS, but I suspect I am reading something wrong): - I am confused about the handling of bounce messages. §4.1 says the following: "Upon receipt of the REQUIRETLS option on a MAIL FROM command during the receipt of a message for which the return-path is not empty (indicating a bounce message), an SMTP server MUST tag that message as needing REQUIRETLS handling." ... which seems to exempt bounce messages from REQUIRETLS tagging. But §5 says: "Non-delivery ("bounce") messages usually contain important metadata about the message to which they refer, including the original message header. They therefore MUST be protected in the same manner as the original message. All non-delivery messages resulting from messages with the REQUIRETLS SMTP option, whether resulting from a REQUIRETLS error or some other, MUST also specify the REQUIRETLS SMTP option unless redacted as described below." ... which seems to require bounce messages to _not_ be exempt from tagging. What am I missing? §6: "REQUIRETLS users SHOULD be made aware of this limitation so that they use caution when sending to mailing lists and do not assume that REQUIRETLS applies to messages from the list operator to list members." Does this mean a user agent needs to know if a message destination is a list so that it can make the user aware? _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
