[arin-discuss] Template-based email as a third registry access method
dk at intuix.com
Wed Apr 4 12:17:04 EDT 2012
On Apr 4, 2012, at 6:46 PM, Alec Ginsberg wrote:
> eMail is sent clear textŠ
Not true. TLS (SSL) for SMTP was in use for many years. See http://www.ietf.org/rfc/rfc3207.txt (published 2002).
Look at Received: headers of several messages in your INBOX --
chances are that most of them were encrypted all the way (including initial submission on port 587.
Your client also can (and should) use TLS when fetching responses IMAP protocol. Thus, no cleartext in data path.
ARIN MAY even enforce use of TLS on smtp server used for secure email template submission (I would not suggest
making this change for all email sent to ARIN, of course -- and even for email templates it better be a secondary server.
> Web Services can require SSL encrypted payloads.
SMTP services, likewise. Example, for Exim server: http://www.exim.org/exim-html-current/doc/html/spec_html/ch39.html
More information about the ARIN-discuss