| draft-ietf-uta-tls-for-email-02.txt | draft-ietf-uta-tls-for-email-03.txt | |||
|---|---|---|---|---|
| Network Working Group L. Velvindron | Network Working Group L. Velvindron | |||
| Internet-Draft cyberstorm.mu | Internet-Draft cyberstorm.mu | |||
| Updates: 8314 (if approved) S. Farrell | Updates: 8314 (if approved) S. Farrell | |||
| Intended status: Standards Track Trinity College Dublin | Intended status: Standards Track Trinity College Dublin | |||
| Expires: March 14, 2020 September 11, 2019 | Expires: April 24, 2020 October 22, 2019 | |||
| Use of TLS for Email Submission and Access | Use of TLS for Email Submission and Access | |||
| draft-ietf-uta-tls-for-email-02 | draft-ietf-uta-tls-for-email-03 | |||
| Abstract | Abstract | |||
| This specification updates current recommendation for the use of | This specification updates current recommendation for the use of | |||
| Transport Layer Security (TLS) protocol to provide confidentiality of | Transport Layer Security (TLS) protocol to provide confidentiality of | |||
| email between a Mail User Agent (MUA) and a Mail Submission Server or | email between a Mail User Agent (MUA) and a Mail Submission Server or | |||
| Mail Access Server. This document updates RFC8314. | Mail Access Server. This document updates RFC8314. | |||
| Status of This Memo | Status of This Memo | |||
| skipping to change at page 1, line 34 ¶ | skipping to change at page 1, line 34 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on March 14, 2020. | This Internet-Draft will expire on April 24, 2020. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2019 IETF Trust and the persons identified as the | Copyright (c) 2019 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 4, line 11 ¶ | skipping to change at page 4, line 11 ¶ | |||
| " MUAs MUST implement TLS 1.2 [RFC5246] or later e.g TLS 1.3 | " MUAs MUST implement TLS 1.2 [RFC5246] or later e.g TLS 1.3 | |||
| [RFC8446]. Earlier TLS and SSL versions MAY also be supported, so | [RFC8446]. Earlier TLS and SSL versions MAY also be supported, so | |||
| long as the MUA requires at least TLS 1.2 [RFC5246] when accessing | long as the MUA requires at least TLS 1.2 [RFC5246] when accessing | |||
| accounts that are configured to impose minimum confidentiality | accounts that are configured to impose minimum confidentiality | |||
| requirements. " | requirements. " | |||
| OLD: | OLD: | |||
| " The default minimum expected level of confidentiality for all new | " The default minimum expected level of confidentiality for all new | |||
| accounts MUST require successful validation of the server's | accounts MUST require successful validation of the server's | |||
| certificate and SHOULD require negotiation of TLS version 1.2 or | certificate and SHOULD require negotiation of TLS version 1.1 or | |||
| greater. (Future revisions to this specification may raise these | greater. (Future revisions to this specification may raise these | |||
| requirements or impose additional requirements to address newly | requirements or impose additional requirements to address newly | |||
| discovered weaknesses in protocols or cryptographic algorithms. " | discovered weaknesses in protocols or cryptographic algorithms. " | |||
| NEW: | NEW: | |||
| " The default minimum expected level of confidentiality for all new | " The default minimum expected level of confidentiality for all new | |||
| accounts MUST require successful validation of the server's | accounts MUST require successful validation of the server's | |||
| certificate and SHOULD require negotiation of TLS version 1.2 or | certificate and SHOULD require negotiation of TLS version 1.2 or | |||
| greater. (Future revisions to this specification may raise these | greater. (Future revisions to this specification may raise these | |||
| skipping to change at page 4, line 37 ¶ | skipping to change at page 4, line 37 ¶ | |||
| None of the proposed measures have an impact on IANA. | None of the proposed measures have an impact on IANA. | |||
| 5. Security Considerations | 5. Security Considerations | |||
| The purpose of this document is to document updated recommendations | The purpose of this document is to document updated recommendations | |||
| for using TLS with Email services. Those recommendations are based | for using TLS with Email services. Those recommendations are based | |||
| on [I-D.ietf-tls-oldversions-deprecate]. | on [I-D.ietf-tls-oldversions-deprecate]. | |||
| 6. Acknowledgement | 6. Acknowledgement | |||
| The authors would like to thank Vittorio Bertola for his feedback. | The authors would like to thank Vittorio Bertola and Viktor Dukhovni | |||
| for their feedback. | ||||
| 7. References | 7. References | |||
| 7.1. Informative References | 7.1. Informative References | |||
| [RFC4346] Dierks, T. and E. Rescorla, "The Transport Layer Security | [RFC4346] Dierks, T. and E. Rescorla, "The Transport Layer Security | |||
| (TLS) Protocol Version 1.1", RFC 4346, | (TLS) Protocol Version 1.1", RFC 4346, | |||
| DOI 10.17487/RFC4346, April 2006, | DOI 10.17487/RFC4346, April 2006, | |||
| <https://www.rfc-editor.org/info/rfc4346>. | <https://www.rfc-editor.org/info/rfc4346>. | |||
| End of changes. 5 change blocks. | ||||
| 5 lines changed or deleted | 6 lines changed or added | |||
This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||