Re: [Uta] Last Call: <draft-ietf-uta-email-tls-certs-05.txt> (Updated TLS Server Identity Check Procedure for Email Related Protocols) to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Julien,

> On 24 Nov 2015, at 21:26, Julien ÉLIE <julien@xxxxxxxxxxxxxxx> wrote:
> 
> Couldn't the draft also update Section 5 of RFC 4642 about the use of TLS in NNTP?
> The NNTP protocol is also a protocol that is found in email clients, so it would make sense to have consistent rules between email and netnews.
 (Snip)
> 
> Or another idea:  wouldn't the draft be worthwhile for a BCP like BCP 195 "Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)"?
> 
> It could indeed be "Recommendations for TLS Server Identity Check Procedure".  The advantage would be that the BCP can apply to email protocols, as well as other protocols using TLS.
> It would save time for others, and permit to have homogeneity and consistent rules across protocols, as well as increasing security.

Early on the WG decided to not do that and deal with different types of protocols separately. For example, requirements on XMPP and email are a bit different, so separate documents are the best. But of course nothing prevents people from publishing another document saying "do the same thing as this other specification, just use different SRV labels" (for example).

Best Regards,
Alexey





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]