On Tue, 29 Oct 2024, Paul Wouters wrote:
>> I can easily imagine scenarios where STARTTLS makes no sense
> No network should run smtp in the clear, whether it is “over the internet” or not. Even if you’d gain nothing because you use macsec, IPsec or another link layer encryption, the cost of double encryption on email is so low that you might as well still run (opportunistic) TLS instead of unencrypted smtp.
I have an old printer that e-mails "I'm jammed" or "I'm empty" notices in
the clear to a local mail server. It's not going to change, and if we
somehow imagine we're going to force people to reject its out of paper
messages, we're just making ourselves look silly. New printers should
certainly do STARTTLS, but we at least used to give lip service to
backward compatibility and existing practice.
As I may have said once or twice, the STARTTLS stuff belongs in the A/S.
R's,
John
PS:
--
last-call mailing list -- last-call@xxxxxxxx