On Wed, 30 Oct 2024, Martin Thomson wrote:
> This isn't some complex or nuanced thing. It's about whether the IETF thinks that STARTTLS is necessary to address the threat model.
SMTP is not HTTP, and the threat model is not the same. SMTP is actually quite odd compared to most of our other application protocols.
It is not interactive, so users have only an indirect report if something fails, via bounce messages.
It is store-and-forward, with nearly all messages taking more than one hop, so end to end whatever does not apply.
And most importantly, it is sender-push rather than recipient-pull, so you have no control over what you receive. The vast majority of the security things we have invented for e-mail are about what to do with messages once they show up, not about messages in transit.
It has a very long tail, and a lot of messages are sent by machines, not people, so even the bounce messages don't necessarily get looked at quickly.
So while spying on a message in transit on the public Internet is one threat, losing messages from my printer because someone "improved" my MTA to silently (other than messages deep in a log file) reject its mail is a threat, too. This is indeed complex and nuanced, which is why it belongs in the A/S.
R's,
John

PS:

> Sure, it isn't sufficient for email, but I don't get why a strong recommendation isn't being made. Clearly, if you use unsecured SMTP to send mail somewhere, there's a good chance that a) it won't get there,
That's simply untrue. You can use MTA-STS to say you use STARTTLS everywhere, but if you don't, all the mail systems I know will accept your mail in plain text.
--
last-call mailing list -- last-call@xxxxxxxx
To unsubscribe send an email to last-call-leave@xxxxxxxx
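The MTA-STS behaviour described in the PS above, as an added illustration that is not part of the thread or of any MTA: an MTA-STS policy (RFC 8461) binds a *sending* MTA that is delivering to the publishing domain, and only in `enforce` mode does it stop plaintext delivery; the publishing domain's own inbound MTA keeps accepting whatever arrives, with or without STARTTLS. The policy text, host names and function names below are constructed for this example.

```python
"""Sender-side MTA-STS (RFC 8461) policy evaluation.

Constructed example: parses a policy of the kind a domain serves at
https://mta-sts.<domain>/.well-known/mta-sts.txt and decides what a
policy-aware sender may do with a given MX. Policy text and host names
are made up; nothing here is a real domain's policy.
"""
from dataclasses import dataclass, field


@dataclass
class StsPolicy:
    version: str
    mode: str                 # "enforce", "testing" or "none"
    max_age: int              # seconds the sender may cache the policy
    mx: list = field(default_factory=list)   # allowed MX hostname patterns


def parse_policy(text: str) -> StsPolicy:
    """Parse the key/value policy format; raise ValueError if malformed."""
    fields = {}
    mx = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if ":" not in line:
            raise ValueError(f"malformed line: {line!r}")
        key, value = (part.strip() for part in line.split(":", 1))
        if key == "mx":                      # the only repeatable field
            mx.append(value.lower().rstrip("."))
        elif key in fields:
            raise ValueError(f"duplicate field: {key}")
        else:
            fields[key] = value
    if fields.get("version") != "STSv1":
        raise ValueError("unsupported or missing version")
    mode = fields.get("mode")
    if mode not in ("enforce", "testing", "none"):
        raise ValueError(f"bad mode: {mode!r}")
    try:
        max_age = int(fields["max_age"])
    except (KeyError, ValueError):
        raise ValueError("max_age missing or not an integer") from None
    if mode != "none" and not mx:
        raise ValueError("enforce/testing policy needs at least one mx")
    return StsPolicy(fields["version"], mode, max_age, mx)


def mx_matches(policy: StsPolicy, mx_host: str) -> bool:
    """Exact match, or a '*.example' pattern matching one left-most label."""
    host = mx_host.lower().rstrip(".")
    for pattern in policy.mx:
        if pattern.startswith("*."):
            suffix = pattern[1:]                     # ".backup.example.com"
            if host.endswith(suffix) and "." not in host[: -len(suffix)]:
                return True
        elif host == pattern:
            return True
    return False


def delivery_decision(policy: StsPolicy, mx_host: str,
                      starttls_offered: bool, cert_valid_for_mx: bool) -> str:
    """What a policy-aware sender does with this MX.

    'deliver-tls'       STARTTLS negotiated, certificate valid, MX allowed
    'deliver-plaintext' mode testing/none: the mail still goes out in the
                        clear (a TLSRPT report may be sent, delivery is not)
    'refuse'            mode enforce and TLS requirements unmet: do not
                        deliver to this MX, try another one or queue
    """
    tls_ok = starttls_offered and cert_valid_for_mx and mx_matches(policy, mx_host)
    if tls_ok:
        return "deliver-tls"
    if policy.mode == "enforce":
        return "refuse"
    return "deliver-plaintext"


# Constructed policy; the domain and MX names are illustrative only.
EXAMPLE_POLICY = """\
version: STSv1
mode: enforce
mx: mail.example.com
mx: *.backup.example.com
max_age: 604800
"""

if __name__ == "__main__":
    policy = parse_policy(EXAMPLE_POLICY)
    for mx, tls, cert in [("mail.example.com", True, True),
                          ("mail.example.com", False, True),
                          ("mx9.backup.example.com", True, False),
                          ("other.example.com", True, True)]:
        print(mx, tls, cert, "->", delivery_decision(policy, mx, tls, cert))
```

The asymmetry in the PS is visible in the function: `delivery_decision` is run by the sender against the recipient's policy, and `refuse` only ever appears in `enforce` mode. Nothing in the policy format tells the publishing domain's inbound MTA to reject a peer that never issues STARTTLS, so a sender that ignores MTA-STS altogether still gets its plaintext accepted.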