Re: Comments on Draft IRTF ASRG DNSBL - 07


In message <491B7C7E.70900@xxxxxxxxxxxx>, Dave CROCKER writes:
> 
> 
> Mark Andrews wrote:
> > In message <alpine.LSU.2.00.0811121752110.14367@xxxxxxxxxxxxxxxxxxxxxx>, Tony Finch writes:
> >> SMTP over TLS to an MX does NOT protect against man in the middle attacks.
> > 
> > 	It does when you turn on DNSSEC 
> 
> Perhaps I'm not understanding, but I think you just confirmed that Tony's 
> statement was correct.

	No.  To protect against man-in-the-middle you need to know
	with whom you are supposed to be talking.  SMTP over TLS
	will do that provided you have that knowledge.  One way to
	acquire that knowledge is to use DNSSEC to prevent spoofed
	MX records.  Another way is to use configuration information.

	You also need to configure your MTA to not use plain SMTP
	if STARTTLS is not offered by the MTA.  This can be done globally
	or on an MTA-by-MTA basis.

	Having the ability to signal if the MTA is supposed to offer
	STARTTLS in the DNS would remove the downgrade attack path,
	in the general case.

	Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews@xxxxxxx
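The two conditions Mark's message lays out (know whom you are supposed to be talking to, and refuse to fall back to plaintext) are easy to see in a small model of the EHLO/STARTTLS exchange. The following is an added example written for this archive page, not code from the message or from ISC. The MX hostnames, the EHLO reply, the policy names "opportunistic" and "require", and the per-MX policy table are all constructed for illustration; the `name_trusted` flag stands in for "the MX name came from a DNSSEC-validated lookup or from local configuration".

```python
"""Model of the STARTTLS downgrade discussed in the thread.

Added example, not code from the original message.  EHLO text, host
names and policy names are constructed assumptions for illustration.
"""
import re

# Constructed EHLO reply from an honest MX that offers STARTTLS.
EHLO_HONEST = [
    "250-mx.example.net Hello client",
    "250-SIZE 52428800",
    "250-STARTTLS",
    "250 ENHANCEDSTATUSCODES",
]

# Assumed "configuration information": per-MX TLS policy, with a default.
# "require" = never send in the clear to this MX; "opportunistic" = fall back.
DEFAULT_POLICY = "opportunistic"
TLS_POLICY = {
    "mx.example.net": "require",
}


def parse_ehlo(lines):
    """Return the set of EHLO keywords in a multi-line 250 reply."""
    exts = set()
    for line in lines[1:]:  # first line is the server greeting, not a keyword
        m = re.match(r"250[- ](\S+)", line)
        if m:
            exts.add(m.group(1).upper())
    return exts


def strip_starttls(lines):
    """What an on-path attacker does: delete the STARTTLS line from the reply.

    The last line of a multi-line reply must be "250 " rather than "250-",
    so the attacker fixes that up too, leaving a syntactically valid reply.
    """
    kept = [l for l in lines if not re.match(r"250[- ]STARTTLS$", l, re.I)]
    kept[-1] = "250 " + kept[-1][4:]
    return kept


def next_step(mx_host, ehlo_lines, policy_map=TLS_POLICY, default=DEFAULT_POLICY):
    """Decide what the sending MTA does after reading the EHLO reply.

    Returns "starttls", "plain" (downgrade succeeded) or "abort"
    (plaintext refused because policy requires TLS for this MX).
    """
    policy = policy_map.get(mx_host.lower(), default)
    if "STARTTLS" in parse_ehlo(ehlo_lines):
        return "starttls"
    if policy == "require":
        return "abort"
    return "plain"


def session_outcome(mx_host, ehlo_lines, attacker_strips_starttls, name_trusted,
                    cert_names, policy_map=TLS_POLICY, default=DEFAULT_POLICY):
    """Outcome of one delivery attempt under a given threat and policy.

    name_trusted: True when mx_host came from a DNSSEC-validated MX lookup
    or from local configuration.  Without that, matching the certificate
    against mx_host proves nothing, because the attacker chose mx_host.
    cert_names: names in the certificate presented after STARTTLS
    (constructed input for the example).
    """
    seen = strip_starttls(ehlo_lines) if attacker_strips_starttls else ehlo_lines
    step = next_step(mx_host, seen, policy_map, default)
    if step != "starttls":
        return step
    names = {n.lower() for n in cert_names}
    if name_trusted and mx_host.lower() in names:
        return "tls-authenticated"
    # TLS is up but the peer is not verified: still open to a MITM.
    if policy_map.get(mx_host.lower(), default) == "require":
        return "abort"
    return "tls-unverified"


if __name__ == "__main__":
    stripped = strip_starttls(EHLO_HONEST)
    print(next_step("mx.example.net", stripped))    # require policy: abort
    print(next_step("mx.other.example", stripped))  # default policy: plain
    print(session_outcome("mx.example.net", EHLO_HONEST, False, True,
                          ["mx.example.net"]))      # tls-authenticated
```

Run against the constructed reply, the attacker's stripped EHLO gets `abort` from the MX with a `require` entry and `plain` from any MX under the opportunistic default, which is the downgrade path the message describes. Even when STARTTLS survives, the session only reaches `tls-authenticated` when the expected name was obtained from a trusted source; with an unvalidated MX lookup the best the client can say is `tls-unverified`.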
_______________________________________________

Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
