On Wed, Feb 21, 2024, at 09:29, Alexey Melnikov wrote:
Hi Bron,
Thank you for your review!
On 21/02/2024 17:05, Bron Gondwana via Datatracker wrote:Reviewer: Bron Gondwana Review result: Ready I am the assigned ARTART reviewer for this document. I'm very experienced in email, and have some experience in the use of encryption. While I haven't read this entire document before, I've had in-person conversations with the authors about it a few times! It's very well written, and does and excellent job of calling out future work and laying out the complete problem space. In that way I think it's a very valuable document, and as an informative document it should be published.Thank you.I do have some concerns about the implementability (particularly, as already called out in another review, the "strip things which aren't secure enough when quoting for reply" which will likely make users feel there's something wrong with their client).What do you mean by "implementability"? This is not going to be that hard to implement, it might just be surprising to users.
That's enough that high-usage clients won't implement it, because the support load becomes too high.
Would showing a warning to the user be a better thing instead?
I'm not sure that there is a better thing; maybe the user needs to be offered a choice. Probably: "always include", "always exclude", or "always ask (default)".
I think just a "this is going unencrypted: remove text that came in encrypted?" non-blocking prompt.
Bron.
--
Bron Gondwana, CEO, Fastmail Pty Ltd
brong@xxxxxxxxxxxxxxxx
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
