On Fri, Aug 22, 2014 at 05:25:17AM +0000, l.wood@xxxxxxxxxxxx wrote:

> Okay, so with opportunistic security, all a man in the middle
> has to do is block any communications he can't decrypt, and it
> automatically downgrades to select something he can break?

And without OS, he need not do anything at all, because the vast
majority of the traffic is cleartext.

However OS can support downgrade resistant modes of operation, given
appropriately secure out-of-band signalling (possibly DANE/DNSSEC).

OS is not an effort to displace already working authenticated encrypted
traffic. Rather, it is an effort to upgrade currently unencrypted
traffic to encryption, or currently unauthenticated traffic to
authentication. Hence, "Opportunistic TLS" with SMTP for the former,
and "Opportunistic DANE TLS" for the latter.

You can point fingers at the shabby clothing of the OS emperor, but at
least he's not naked.

-- 
	Viktor.
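The downgrade argument in the exchange above, modelled as an added example (not code from the mail or from any list member): a simplified SMTP client delivery policy that is plain opportunistic TLS when the DNS carries no signal, and opportunistic DANE TLS when DNSSEC-signed TLSA records exist. The `Peer`, `DnsView` and `decide` names are this example's own assumptions, as is the attacker model (an active MITM that strips STARTTLS from the server banner).

```python
"""Toy model: does an active attacker who blocks what he cannot decrypt
get a downgrade to cleartext?  Depends on out-of-band signalling."""
from dataclasses import dataclass


@dataclass
class Peer:
    """What the client observes over the (possibly hostile) network path."""
    offers_starttls: bool
    cert_matches_tlsa: bool   # server cert validates against the TLSA data


@dataclass
class DnsView:
    """Out-of-band signal: TLSA records for the MX host and their DNSSEC status."""
    tlsa_present: bool
    dnssec_signed: bool


def decide(dns: DnsView, peer: Peer) -> str:
    """Return the delivery outcome: cleartext, encrypted, authenticated or defer."""
    if dns.tlsa_present and dns.dnssec_signed:
        # Opportunistic DANE TLS: the signed TLSA record is the downgrade
        # resistance; anything short of an authenticated session is refused.
        if peer.offers_starttls and peer.cert_matches_tlsa:
            return "authenticated"
        return "defer"
    # Unsigned TLSA data is untrustworthy (forgeable), so treat it as absent
    # and fall back to plain opportunistic TLS.
    if peer.offers_starttls:
        return "encrypted"       # unauthenticated, but no longer cleartext
    return "cleartext"


def mitm_strip_starttls(_peer: Peer) -> Peer:
    """Active attacker: block the TLS upgrade the client would otherwise get."""
    return Peer(offers_starttls=False, cert_matches_tlsa=False)


def outcomes(dns: DnsView, honest: Peer) -> tuple:
    """Outcome without and with the STARTTLS-stripping attacker in the path."""
    return decide(dns, honest), decide(dns, mitm_strip_starttls(honest))


if __name__ == "__main__":
    honest = Peer(offers_starttls=True, cert_matches_tlsa=True)
    print("no DNS signal :", outcomes(DnsView(False, False), honest))
    print("unsigned TLSA :", outcomes(DnsView(True, False), honest))
    print("signed TLSA   :", outcomes(DnsView(True, True), honest))
```

Without the signal the attacker gets cleartext but had to do something; with the signed TLSA record the same attack yields a deferred delivery instead of a downgrade.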