[180154] in North American Network Operators' Group
Re: gmail security is a joke
daemon@ATHENA.MIT.EDU (Mark Andrews)
Tue May 26 20:36:46 2015
X-Original-To: nanog@nanog.org
To: Saku Ytti <saku@ytti.fi>
From: Mark Andrews <marka@isc.org>
In-reply-to: Your message of "Tue, 26 May 2015 19:11:51 +0300."
<20150526161151.GA14841@pob.ytti.fi>
Date: Wed, 27 May 2015 10:36:34 +1000
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
In message <20150526161151.GA14841@pob.ytti.fi>, Saku Ytti writes:
> On (2015-05-26 17:44 +0200), Owen DeLong wrote:
>
> Hey,
>
> > I think opt-out of password recovery choices on a line-item basis is not a
> bad concept.
>
> This sounds reasonable. At least then you could decide which balance of
> risk/convenience fits their use-case for given service.
>
> > OTOH, recovery by receiving a token at a previously registered alternate e
> > mail address
> > seems relatively secure to me and I wouldn???t want to opt out of that.
>
> It's probably machine sent in seconds or minute after request, so doing
> short-lived BGP hijack of MX might be reasonably easy way to get the email.
Which is easily prevented by authenticating the MX when connecting.
Something which as been recommended practice for as long as SMTP
has existed. HELO provided weak authentication. We now know and
documented how to do this securely on a global scale, we just need
to do it. See draft-ietf-dane-smtp-with-dane.
You have added the TLSA records for you MTA and signed your zones?
You have updated your MTA to support DANE?
[ Need to nag ops to add TLSA records for the MX's. We have them
for www.isc.org. ]
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
