Agenda for UTA at IETF-104
Hotel Hilton Prague, Prague, Czech Republic
Tuesday, March 26, 2019
10:00 - 11:00, Karlin 3 Room

Chairs: Leif Johansson
        Valery Smyslov

 5 min. Administrivia (jabber scribes, note takers, blue sheets), Note Well, Agenda bashing
 5 min. WG documents status update
20 min. draft-ietf-uta-tls-for-email-01 (Loganaden Velvindron)
20 min. Discussion around IESG evaluation of draft-ietf-uta-smtp-require-tls-07
10 min. Open Mic

draft-ietf-uta-tls-for-email-01
- Loganaden report:
  - Leif made the point that once a draft becomes a working group document, change control passes to the group.
  - Alexey Melnikov said that, as an implementor, he'd like guidance on the cipher suites used.
  - Is the focus on Client to Server or Server to Server?
  - Alexey: The document is 5 pages at the moment and ideally it should cover both Client to Server and Server to Server, but if only one topic is to be included it should be Client to Server as the first preference.

Discussion around IESG evaluation
- Jim Fenton update on draft-ietf-uta-smtp-require-tls-07
  - Two (2) DISCUSS positions
  - Changes slated for -08
  - RequireTLS and REQUIRETLS were different but not always picked up
  - Header field to change from RequireTLS to TLS-Required. Will still have a mandatory value of "No".
  - Many more instances of messages being re-originated (beyond mailing lists) such as Vacation, SIEVE and may not be aware of REQUIRETLS
  - Barry Leiba: Bounce messages may include the original message and not requiring REQUIRETLS being propagated.
  - Alexey and Barry committed to providing text regarding propagation of REQUIRETLS to SIEVE.
- Jonathan Hoyland conveyed comments from the Jabber stream
  - Ned Freed: SIEVE can be executed from just before delivery until long after.
- Security Consideration
  - Barry: Error in 8.4 Policy Conflicts - "on the part of the sender not to use TLS" should be "not REQUIRE the use of TLS".
  - Ben Kaduk: Not sure this directive will be honoured.
  - Watson Ladd: "TLS-Required: No" is unintuitive.
  - Joseph Salowey: The wording is unclear on the decision to not use TLS.
  - Jim: The wording error has been pointed out by Barry.
  - Joe: The last sentence is problematic.
  - Viktor Dukhovni: "TLS-Required: No" is not the same as "require no TLS". The bulk of SMTP is transmitted via TLS as shown by Google + START-TLS everywhere.
  - Barry: Use of "use" in that text is problematic.
  - Ben: Not confused in the way identified by Viktor. This is a sender preference. Do we honor the sender preference vs honor the receiver preference?
  - Barry: Should look at picking the better of the two options between sender/receiver preference. MTA-STS does require TLS in strict.
  - Viktor: The word strict in MTA-STS and its interpretation is incorrect. It only applies for every hop using MTA-STS.
  - Pete Resnick: The audience understands the MTA-STS requirements. There isn't a conflict between "TLS-Required: No" and the use of TLS, and maybe the wording should be "TLS-Optional: Yes".
  - Leif: Will this text be wordsmithed on the mailing list?
  - Jim: Yes, will be sent to the list for discussion prior to being in the -08 update.
  - Viktor: SMTP is in fact a UDP datagram sent to a recipient. The sender understands the context behind the options they set.
  - Leif: Thanked Viktor for his work on the mailing list making people understand this.

https://tools.ietf.org/html/draft-tschofenig-uta-tls13-profile-01
- Hannes:
  - Submitted to UTA because _DICE_/_ICE_ (missed that) doesn't exist anymore.
- Leif: Are you looking for this to be a working group document?
- Hannes: Yes. DTLS 1.3 is wrapping up.
- Leif: With only 1 reader of this document and the focus of this group to be email at the moment it needs more reviews to work on this.
- Barry: Agreed to be a review volunteer.
- Alexey: It is up to the chairs on whether they should adopt this document. It is fine charter wise.
- Leif: It is good to know that the working group can complete.
- Jonathan (Jabber Scribe): There is another reviewer in Loganaden.

Open Mic:
- No comments.

Meeting closed at 10:50