[55614] in North American Network Operators' Group
Re: Remote email access
daemon@ATHENA.MIT.EDU (Dave Crocker)
Tue Feb 4 10:42:08 2003
Date: Tue, 4 Feb 2003 07:31:57 -0800
From: Dave Crocker <dcrocker@brandenburg.com>
To: "Jack Bates" <jbates@brightok.net>
Cc: "Daniel Senie" <dts@senie.com>, nanog@merit.edu
In-Reply-To: <00a001c2cc60$55c38980$b66e1ece@brightok.net>
Errors-To: owner-nanog-outgoing@merit.edu
Jack,
Tuesday, February 4, 2003, 7:16:04 AM, you wrote:
JB> From: "Daniel Senie"
>> I'd be happy to see certs in use for MTA-MTA
>> (and indeed support this today on my systems when talking to other MTAs
>> which are using STARTTLS).
...
JB> I'm concerned with MTA to MTA. ... A flag day is
JB> necessary, and certification from MTA to MTA is necessary.
Please consider how many MTAs interact on the global Internet. Please
consider that each is operated by a different, independent organization.
Please consider that there is no single authority over all those
organizations.
A flag day is not possible for changing the infrastructure of any
network operation that is large. Even when there is a single authority,
service operators cannot perform a conversion "instantly".
In a medium-sized company -- and that means that theoretically there is
a single authority over everyone -- a serious change to the network
infrastructure will take at least 6 months.
For the Internet, it takes many years to obtain broad adoption of a
change.
d/
ps. Please note that there is still no large-scale use of certificates,
although the technology for them has existed for years. Therefore it is
important to be very conservative, when specifying a system behavior
that depends upon their use.
--
Dave <mailto:dcrocker@brandenburg.com>
Brandenburg InternetWorking <http://www.brandenburg.com>
t +1.408.246.8253; f +1.408.850.1850
