Re: STARTTLS & EHLO: Errata text?
Alexey Melnikov <alexey.melnikov@isode.com> Thu, 29 January 2009 17:39 UTC
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n0THdCGe030949 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 29 Jan 2009 10:39:12 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id n0THdCCj030948; Thu, 29 Jan 2009 10:39:12 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smtp@mail.imc.org using -f
Received: from rufus.isode.com (rufus.isode.com [62.3.217.251]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n0THd14V030931 for <ietf-smtp@imc.org>; Thu, 29 Jan 2009 10:39:12 -0700 (MST) (envelope-from alexey.melnikov@isode.com)
Received: from [192.168.0.6] ((unknown) [62.3.217.253]) by rufus.isode.com (submission channel) via TCP with ESMTPA id <SYHpswB0lGSk@rufus.isode.com>; Thu, 29 Jan 2009 17:38:59 +0000
X-SMTP-Protocol-Errors: NORDNS
Message-ID: <4981E98D.5000505@isode.com>
Date: Thu, 29 Jan 2009 17:38:21 +0000
From: Alexey Melnikov <alexey.melnikov@isode.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915
X-Accept-Language: en-us, en
To: Tony Hansen <tony@att.com>
CC: ietf-smtp@imc.org
Subject: Re: STARTTLS & EHLO: Errata text?
References: <497DE492.4080506@pscs.co.uk> <497DED29.70402@att.com> <497ED420.30708@pscs.co.uk> <alpine.LSU.2.00.0901271403220.4546@hermes-2.csi.cam.ac.uk> <497F86CB.60904@att.com> <alpine.LSU.2.00.0901281434440.4546@hermes-2.csi.cam.ac.uk> <498088B8.9040404@pscs.co.uk> <alpine.LSU.2.00.0901291310080.4546@hermes-2.csi.cam.ac.uk> <4981C0D5.1010401@pscs.co.uk> <4981C6BD.2040900@att.com> <37F39FF37390694B69567838@PST.JCK.COM> <4981E1AB.9000002@att.com>
In-Reply-To: <4981E1AB.9000002@att.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-smtp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smtp/mail-archive/>
List-ID: <ietf-smtp.imc.org>
List-Unsubscribe: <mailto:ietf-smtp-request@imc.org?body=unsubscribe>
Tony Hansen wrote: >If we were to write an Errata against RFC 3207, I'd suggest text such as >the following (in Errata format): > >Section: > 4.2 Result of the STARTTLS Command > >Old text: > The server MUST discard any knowledge obtained from the client, such > as the argument to the EHLO command, which was not obtained from the > TLS negotiation itself. > >New text: > The server MUST discard any knowledge obtained from the client that > was not obtained from the TLS negotiation itself. The server state > is otherwise as if the connection had just been opened. > I like that. >Reason: > The example is misleading and has lead some people to think that > knowledge of an EHLO having been sent previously should be > remembered. > >Section: > 4.2 Result of the STARTTLS Command > >Old text: > The client SHOULD send an EHLO command as the > first command after a successful TLS negotiation. > >New text: > The client MUST send either an EHLO command or a HELO command as the > first command after a successful TLS negotiation. > > I don't think we should recommend using HELO here: the client has issued STARTTLS already, so clearly it knows how to use EHLO. Besides, I agree that we should move toward deprecating HELO. >Reason: > Since the state is reset to that of a connection having just been > opened, the requirement from RFC 5321 applies: > > In any event, a client MUST issue HELO or EHLO before starting a > mail transaction. > > The previous text implied that a client can get by without sending > one or the either. > >Section: > 4. The STARTTLS Command > >Old text: > The format for the STARTTLS command is: > > STARTTLS > > with no parameters. > >New text: > The format for the STARTTLS command is: > > STARTTLS > > with no parameters. > > Because the server state machine is reset to an initial connection > state after negotiating TLS, and any modifications to the server > state will be lost, the client SHOULD NOT issue any MAIL > FROM or RCPT TO commands prior to using the STARTTLS command. > > I would be Ok with making this a MUST NOT. Also, I think it would be better to say "the client SHOULD/MUST NOT start a mail transaction prior to ...". >Now for the $64k questions: > >1) Is there consensus behind this viewpoint? > We shall see :-). >2) If so, does the text above cover the ground? > I frankly can't tell without rereading the RFC, but the text seems to address the immediate problems. >3) If so, who wants to file the Errata? > > Go ahead and do that once there is the mailing list consensus.
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? Tony Finch
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? ned+ietf-smtp
- Re: STARTTLS & EHLO: Errata text? Tony Finch
- Re: STARTTLS & EHLO: Errata text? Tony Finch
- Re: STARTTLS & EHLO: Errata text? Tony Finch
- Re: STARTTLS & EHLO: Errata text? Russ Allbery
- Re: STARTTLS & EHLO: Errata text? ned+ietf-smtp
- Re: STARTTLS & EHLO: Errata text? SM
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? John C Klensin
- Re: STARTTLS & EHLO: Errata text? Paul Smith
- Re: STARTTLS & EHLO: Errata text? Paul Smith
- Re: STARTTLS & EHLO Tony Hansen
- Re: STARTTLS & EHLO: Errata text? Russ Allbery
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? ned+ietf-smtp
- Re: STARTTLS & EHLO: Errata text? John C Klensin
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? ned+ietf-smtp
- Re: STARTTLS & EHLO: Errata text? Alexey Melnikov
- Re: STARTTLS & EHLO: Errata text? Alexey Melnikov
- Re: STARTTLS & EHLO: Errata text? SM
- Re: STARTTLS & EHLO: Errata text? ned+ietf-smtp
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? Bill McQuillan
- Re: STARTTLS & EHLO: Errata text? John C Klensin
- Re: STARTTLS & EHLO: Errata text? SM
- Re: STARTTLS & EHLO: Errata text? Alexey Melnikov
- Re: STARTTLS & EHLO: Errata text? Tony Hansen
- Re: STARTTLS & EHLO John C Klensin
- Re: STARTTLS & EHLO Tony Hansen
- Re: STARTTLS & EHLO Paul Smith
- Re: STARTTLS & EHLO Tony Finch
- Re: STARTTLS & EHLO Hector Santos
- Re: STARTTLS & EHLO SM
- Re: STARTTLS & EHLO John C Klensin
- Re: STARTTLS & EHLO Tony Hansen
- Re: STARTTLS & EHLO Peter Bowyer
- Re: STARTTLS & EHLO Hector Santos
- Re: STARTTLS & EHLO Paul Smith
- Re: STARTTLS & EHLO Tony Finch
- Re: STARTTLS & EHLO Paul Smith
- Re: STARTTLS & EHLO John C Klensin
- Re: STARTTLS & EHLO Tony Hansen
- Re: STARTTLS & EHLO Tony Finch
- Re: STARTTLS & EHLO Alessandro Vesely
- Re: STARTTLS & EHLO Paul Smith
- Re: STARTTLS & EHLO Alexey Melnikov
- Re: STARTTLS & EHLO Tony Finch
- Re: STARTTLS & EHLO John C Klensin
- Re: STARTTLS & EHLO Tony Hansen
- STARTTLS & EHLO Paul Smith
- Re: STARTTLS & EHLO: Errata text? SM
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? SM
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? John C Klensin
- Re: STARTTLS & EHLO: Errata text? Tony Finch
- RFC 1123bis? Hector Santos
- Re: STARTTLS & EHLO: Errata text? John C Klensin
- Re: STARTTLS & EHLO: Errata text? Hector Santos
- Re: STARTTLS & EHLO: Errata text? John C Klensin
- Re: STARTTLS & EHLO: Errata text? Tony Finch
- Re: STARTTLS & EHLO: Errata text? SM