Re: STARTTLS & EHLO: Errata text?

[Alexey Melnikov <alexey.melnikov@isode.com>]

John C Klensin wrote:

>Tony,
>
>Given the confusion about readings, I'd recommend modifying your
>changes to make them brutally clear.  Suggestions below.
>
>--On Thursday, January 29, 2009 12:04 -0500 Tony Hansen
><tony@att.com> wrote:
>  
>
>>If we were to write an Errata against RFC 3207, I'd suggest
>>text such as the following (in Errata format):
>>
>>Section:
>>   4.2 Result of the STARTTLS Command
>>
>>Old text:
>>   The server MUST discard any knowledge obtained from the
>>client, such    as the argument to the EHLO command, which was
>>not obtained from the    TLS negotiation itself.
>>
>>New text:
>>   The server MUST discard any knowledge obtained from the
>>client that    was not obtained from the TLS negotiation
>>itself. The server state    is otherwise as if the connection
>>had just been opened.
>>    
>>
>s/opened/opened, i.e., before a session has been established by
>the client sending EHLO/
>  
>
Sure.

>>Reason:
>>   The example is misleading and has lead some people to think
>>that    knowledge of an EHLO having been sent previously
>>should be    remembered.
>>    
>>
>>Section:
>>   4.2 Result of the STARTTLS Command
>>
>>Old text:
>>   The client SHOULD send an EHLO command as the
>>   first command after a successful TLS negotiation.
>>
>>New text:
>>   The client MUST send either an EHLO command or a HELO
>>command as the    first command after a successful TLS
>>negotiation.
>>    
>>
>s/HELO command as/HELO command, or a command that does not
>require that a mail transaction be open, as/
>
>That can be done in several other ways, but I don't think you
>can or should prohibit VRFY, EXPN, HELP, etc., there.
>  
>
Yes, I've missed that. +1 (Modulo dropping HELO)