Re: STARTTLS & EHLO
John C Klensin <john+smtp@jck.com> Wed, 28 January 2009 22:42 UTC
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n0SMgqPr072854 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 28 Jan 2009 15:42:52 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id n0SMgqV4072853; Wed, 28 Jan 2009 15:42:52 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smtp@mail.imc.org using -f
Received: from bs.jck.com (ns.jck.com [209.187.148.211]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n0SMgeAr072846 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for <ietf-smtp@imc.org>; Wed, 28 Jan 2009 15:42:51 -0700 (MST) (envelope-from john+smtp@jck.com)
Received: from [127.0.0.1] (helo=localhost) by bs.jck.com with esmtp (Exim 4.34) id 1LSJ7C-000K0D-9R; Wed, 28 Jan 2009 17:42:34 -0500
Date: Wed, 28 Jan 2009 17:42:33 -0500
From: John C Klensin <john+smtp@jck.com>
To: Peter Bowyer <peter@bowyer.org>, ietf-smtp@imc.org
Subject: Re: STARTTLS & EHLO
Message-ID: <DEC3D4875CDAC4CBFDE3466C@PST.JCK.COM>
In-Reply-To: <56152ae90901281315y5847c2demd3431559f6fdcec9@mail.gmail.com>
References: <497DE492.4080506@pscs.co.uk> <497DED29.70402@att.com> <497ED420.30708@pscs.co.uk> <alpine.LSU.2.00.0901271403220.4546@hermes-2.csi.cam.ac.uk> <497F86CB.60904@att.com> <alpine.LSU.2.00.0901281434440.4546@hermes-2.csi.cam.ac.uk> <498088B8.9040404@pscs.co.uk> <56152ae90901281315y5847c2demd3431559f6fdcec9@mail.gmail.com>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Sender: owner-ietf-smtp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smtp/mail-archive/>
List-ID: <ietf-smtp.imc.org>
List-Unsubscribe: <mailto:ietf-smtp-request@imc.org?body=unsubscribe>
--On Wednesday, January 28, 2009 21:15 +0000 Peter Bowyer <peter@bowyer.org> wrote: > 2009/1/28 Paul Smith <paul@pscs.co.uk>: > >> To me, it was (initially) 'clear' that the example saying >> 'such as the argument to the EHLO command', was precise >> enough to imply that the fact that the EHLO command was sent >> should not be discarded. It could have said 'such as the EHLO >> command', but it went out of its way to say '*the argument >> to* the EHLO command'. > > But the 'domain' argument to the EHLO command is mandatory > (RFC1869 S4.2). So a server state of having received a valid > EHLO but not knowing what the domain argument is, is not > attainable under 1869. I don't believe 3207's intent is to > introduce that state as valid after STARTTLS. Peter, I don't believe that either 1859 or 5321 _require_ that the server the EHLO domain or maintain it as part of its state. Even if the server tries to inspect or check the field, as 5321 recommends, it would be a reasonable interpretation by the server implementer to just maintain binary pass/fail information. That is, IMO, exactly what creates the situation here. If the server intends to use the domain for anything that it considers significant, it must get that information again after STARTTLS. But there appears to be nothing in either the SMTP spec or the STARTTS one that requires that it consider that information significant. Conversely, if the client requires a list of options (other than STARTTLS itself), it has to resend the EHLO, but it is not clear that there is a requirement that it do so otherwise. >From my point of view, the first of these two problems is actually more important than the other in terms of requiring a clarification in one of the two documents. If the server thinks it needs the EHLO domain information after the TLS session has started, it has no way to tell the client that other that by issuing a non-fatal "command out of sequence" reply if some other mail transaction command is issued before the second EHLO is sent. In an alternate universe, I could imagine 303 Please send EHLO first, then resend command but I don't imagine that most clients would respond well to that in our universe. john
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? Tony Finch
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? ned+ietf-smtp
- Re: STARTTLS & EHLO: Errata text? Tony Finch
- Re: STARTTLS & EHLO: Errata text? Tony Finch
- Re: STARTTLS & EHLO: Errata text? Tony Finch
- Re: STARTTLS & EHLO: Errata text? Russ Allbery
- Re: STARTTLS & EHLO: Errata text? ned+ietf-smtp
- Re: STARTTLS & EHLO: Errata text? SM
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? John C Klensin
- Re: STARTTLS & EHLO: Errata text? Paul Smith
- Re: STARTTLS & EHLO: Errata text? Paul Smith
- Re: STARTTLS & EHLO Tony Hansen
- Re: STARTTLS & EHLO: Errata text? Russ Allbery
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? ned+ietf-smtp
- Re: STARTTLS & EHLO: Errata text? John C Klensin
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? ned+ietf-smtp
- Re: STARTTLS & EHLO: Errata text? Alexey Melnikov
- Re: STARTTLS & EHLO: Errata text? Alexey Melnikov
- Re: STARTTLS & EHLO: Errata text? SM
- Re: STARTTLS & EHLO: Errata text? ned+ietf-smtp
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? Bill McQuillan
- Re: STARTTLS & EHLO: Errata text? John C Klensin
- Re: STARTTLS & EHLO: Errata text? SM
- Re: STARTTLS & EHLO: Errata text? Alexey Melnikov
- Re: STARTTLS & EHLO: Errata text? Tony Hansen
- Re: STARTTLS & EHLO John C Klensin
- Re: STARTTLS & EHLO Tony Hansen
- Re: STARTTLS & EHLO Paul Smith
- Re: STARTTLS & EHLO Tony Finch
- Re: STARTTLS & EHLO Hector Santos
- Re: STARTTLS & EHLO SM
- Re: STARTTLS & EHLO John C Klensin
- Re: STARTTLS & EHLO Tony Hansen
- Re: STARTTLS & EHLO Peter Bowyer
- Re: STARTTLS & EHLO Hector Santos
- Re: STARTTLS & EHLO Paul Smith
- Re: STARTTLS & EHLO Tony Finch
- Re: STARTTLS & EHLO Paul Smith
- Re: STARTTLS & EHLO John C Klensin
- Re: STARTTLS & EHLO Tony Hansen
- Re: STARTTLS & EHLO Tony Finch
- Re: STARTTLS & EHLO Alessandro Vesely
- Re: STARTTLS & EHLO Paul Smith
- Re: STARTTLS & EHLO Alexey Melnikov
- Re: STARTTLS & EHLO Tony Finch
- Re: STARTTLS & EHLO John C Klensin
- Re: STARTTLS & EHLO Tony Hansen
- STARTTLS & EHLO Paul Smith
- Re: STARTTLS & EHLO: Errata text? SM
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? SM
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? John C Klensin
- Re: STARTTLS & EHLO: Errata text? Tony Finch
- RFC 1123bis? Hector Santos
- Re: STARTTLS & EHLO: Errata text? John C Klensin
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? John C Klensin
- Re: STARTTLS & EHLO: Errata text? Tony Finch
- Re: STARTTLS & EHLO: Errata text? SM