On 12/24/22 06:54, Chris Lonvick via Datatracker wrote:
First, looking at this from an operational, “on the wire” perspective, the Expires header field will pose no additional security concerns over those defined in RFC 5322.
The thing that strikes me as unusual about this proposal, is that there's not any other email header field that can even be remotely implied to mean "it's okay to delete this message". So until now, the prospect of having a message deleted without the recipient's approval is not considered a security risk. Standardizing an Expires field changes that.
Of course even without an Expires field, messages are routinely deleted by spam filters without the recipient's approval. But for some reason we don't consider that a security risk, presumably because we don't consider spam filters adversaries. Of course spam filters can be adversaries; they can interfere with communications for reasons that suit the spam filter's interests rather than the recipient's interests. It is completely unreasonable to assume that they are even benign or neutral.
Frankly, I find the secdir review deficient. Keith -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
