Brian E Carpenter wrote on 30/10/2024 21:04:
Good arguments have been made why STARTTLS shouldn't be a MUST. I haven't seen a convincing argument why it shouldn't be a SHOULD. That doesn't preclude elaboration on that requirement in the AS.
"SHOULD" is a good idea for STARTTLS. "MUST" invites a discussion about how granny should handle CA list updates on her 2008-era printer, and what sort of cipher list or tls protocol version she should configure, whatever about every other piece of obsolete software/firmware in every SMTP MTA client ever produced.
Maybe at some point in the future we could look at MUST but we're nowhere near that stage right now.
Nick -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
