IETF Logo Mail Archive

Re: STARTTLS & EHLO: Errata text?

ned+ietf-smtp@mrochek.com Fri, 30 January 2009 16:35 UTC

Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n0UGZNQD092060 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 30 Jan 2009 09:35:23 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id n0UGZNDO092059; Fri, 30 Jan 2009 09:35:23 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smtp@mail.imc.org using -f
Received: from mauve.mrochek.com (mauve.mrochek.com [66.59.230.40]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n0UGZBQw092049 for <ietf-smtp@imc.org>; Fri, 30 Jan 2009 09:35:22 -0700 (MST) (envelope-from ned+ietf-smtp@mrochek.com)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01N4WFIAVJG000WVU8@mauve.mrochek.com> for ietf-smtp@imc.org; Fri, 30 Jan 2009 08:35:09 -0800 (PST)
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01N4V61WVB4G00007A@mauve.mrochek.com> (original mail from NED@mauve.mrochek.com) for ietf-smtp@imc.org; Fri, 30 Jan 2009 08:35:03 -0800 (PST)
Date: Fri, 30 Jan 2009 08:27:37 -0800
From: ned+ietf-smtp@mrochek.com
Subject: Re: STARTTLS & EHLO: Errata text?
In-reply-to: "Your message dated Fri, 30 Jan 2009 09:34:16 +0000" <4982C998.5010306@pscs.co.uk>
To: Paul Smith <paul@pscs.co.uk>
Cc: ned+ietf-smtp@mrochek.com, SM <sm@resistor.net>, Tony Hansen <tony@att.com>, ietf-smtp@imc.org
Message-id: <01N4WFI92X4C00007A@mauve.mrochek.com>
MIME-version: 1.0
Content-type: TEXT/PLAIN
Content-transfer-encoding: 7bit
References: <497DE492.4080506@pscs.co.uk> <497DED29.70402@att.com> <497ED420.30708@pscs.co.uk> <alpine.LSU.2.00.0901271403220.4546@hermes-2.csi.cam.ac.uk> <497F86CB.60904@att.com> <alpine.LSU.2.00.0901281434440.4546@hermes-2.csi.cam.ac.uk> <498088B8.9040404@pscs.co.uk> <alpine.LSU.2.00.0901291310080.4546@hermes-2.csi.cam.ac.uk> <4981C0D5.1010401@pscs.co.uk> <4981C6BD.2040900@att.com> <37F39FF37390694B69567838@PST.JCK.COM> <4981E1AB.9000002@att.com> <6.2.5.6.2.20090129094120.02f234a0@resistor.net> <01N4VB00O5UQ00007A@mauve.mrochek.com> <4982C998.5010306@pscs.co.uk>
Sender: owner-ietf-smtp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smtp/mail-archive/>
List-ID: <ietf-smtp.imc.org>
List-Unsubscribe: <mailto:ietf-smtp-request@imc.org?body=unsubscribe>

> ned+ietf-smtp@mrochek.com wrote:
> >
> > While I have no objection to making this change, I note in passing
> > that quite a
> > few servers, ours included, violate the "the server MUST discard any
> > knowledge
> > obtained from the client" part of this and will continue to do so no
> > matter
> > what is written in any standard.

> I think you could argue that the number of messages you have accepted
> from the client, the session time, the number of recipients etc, is NOT
> information received from the client, but information derived by the
> server itself.

Maybe, but it's exactly the sort of handwaving argument we always lambast when
somebody uses it in support of some oddball thing they want to do that's
causing interoperability problems.

> If there was an extension for the client to say 'I'm going to send 6
> messages this session', then that information would have to be
> discarded, but the server remembering that 6 messages have already been
> sent is something the server could work out for itself.

> Also, AIUI, you could always refuse to accept STARTTLS after you have
> accepted a message. (I can't think of any good reason you'd want to send
> some messages with TLS and others without, but maybe others can)

Not only have there been people arguing for this in the past, there have also
been proponents who wanted to be able to do AUTH and STARTTLS in the
middle of a transaction. Fortunately we managed to stomp out the latter.

				Ned

v2.23.0 | Report a Bug | By Email