On 1/5/22 3:17 PM, Jim Fenton wrote:
I should probably point out RFC 8689, “SMTP Require TLS Option”, that allows the sender of a message to require that it be sent via TLS. Unfortunately there isn’t any operational deployment of REQUIRETLS, perhaps in part because it requires deployment of DANE or MTA-STS to make it secure against MX record spoofing attacks and the like. Those attacks would also need to be considered when discussing anything involving public key discovery through an SMTP option or command.
Also I think there's widespread agreement that hop-by-hop encryption is necessary but insufficient; we need message encryption also.
Agree with you that the sender, rather than any recipients, should be the one to determine whether a message requires encryption. Of course nothing stops any sender today from encrypting outgoing messages, other than a lack of support by most recipients MUAs and the difficulty of obtaining and verifying recipients' public keys.
Keith
