On Wed, Feb 27, 2019 at 01:35:42PM -0600, Benjamin Kaduk wrote:
> It seems like implicit in this stance is a belief that DANE and/or MTA-STS
> as currently specified are flawed, in that they do not have a reasonable
> path to substantial deployment (in bounded time).
REQUIRETLS "no", is essential for at least the "postmaster" address
(in the rare cases when that still works), or some address scraped
from the destination domain's website, found in the few WHOIS records
that still list contact addresses, or in a working DNS SOA "mrname".
When all else fails, the user can notify the peer end user on the
receiving domain to contact his postmaster, open a support ticket etc.
Both specifications do a fine job of specifying the recipient's
preferred policy. No specification, regardless of the details, can
ensure that the recipienet lives up to the promised service level.
DANE, MTA-STS, any superior design or security-theatre-de-jour, will
still lead to cases where security degrades delivery. At the very
least one needs to be able to exempt delivery to the email address
of the domain contact.
And when all else fails, and the message is just "let's do lunch",
nothing will be more effective than a clear user choice to deliver
anyway. This a fact of life, and not a defect in DANE or MTA-STS.
The need is intrinsic to multi-hop asynchronous delivery, by providing
the equivalent of the "press OK" to skip various warnings in
end-to-end interactive applications.
If your point is that DANE and MTA-STS should have provided an
end-user opt-out from the outset, maybe so, but I should note that
RequireTLS entered the UTA queue about the same time as MTA-STS,
and with the understanding that the "no" mechanism will be a useful
complement for both MTA-STS and DANE or any other techology which
by defers delivery in the face of apparent active attacks (which
are often simply operational negligence on the receiving end).
--
Viktor.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
