IETF Logo Mail Archive

Re: STARTTLS & EHLO: Errata text?

Tony Finch <dot@dotat.at> Fri, 30 January 2009 18:30 UTC

Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n0UIU7lK098652 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 30 Jan 2009 11:30:07 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id n0UIU7hk098651; Fri, 30 Jan 2009 11:30:07 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smtp@mail.imc.org using -f
Received: from ppsw-1.csi.cam.ac.uk (ppsw-1.csi.cam.ac.uk [131.111.8.131]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n0UITs7B098635 for <ietf-smtp@imc.org>; Fri, 30 Jan 2009 11:30:05 -0700 (MST) (envelope-from fanf2@hermes.cam.ac.uk)
X-Cam-AntiVirus: no malware found
X-Cam-SpamDetails: not scanned
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:44345) by ppsw-1.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.151]:25) with esmtpa (EXTERNAL:fanf2) id 1LSy7e-0003Vd-5a (Exim 4.70) (return-path <fanf2@hermes.cam.ac.uk>); Fri, 30 Jan 2009 18:29:46 +0000
Received: from fanf2 (helo=localhost) by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1LSy7e-0000fu-N2 (Exim 4.67) (return-path <fanf2@hermes.cam.ac.uk>); Fri, 30 Jan 2009 18:29:46 +0000
Date: Fri, 30 Jan 2009 18:29:46 +0000
From: Tony Finch <dot@dotat.at>
X-X-Sender: fanf2@hermes-2.csi.cam.ac.uk
To: ned+ietf-smtp@mrochek.com
cc: Alexey Melnikov <alexey.melnikov@isode.com>, SM <sm@resistor.net>, Tony Hansen <tony@att.com>, ietf-smtp@imc.org
Subject: Re: STARTTLS & EHLO: Errata text?
In-Reply-To: <01N4VIFDX4K000007A@mauve.mrochek.com>
Message-ID: <alpine.LSU.2.00.0901301828310.4795@hermes-2.csi.cam.ac.uk>
References: <497DE492.4080506@pscs.co.uk> <497DED29.70402@att.com> <497ED420.30708@pscs.co.uk> <alpine.LSU.2.00.0901271403220.4546@hermes-2.csi.cam.ac.uk> <497F86CB.60904@att.com> <alpine.LSU.2.00.0901281434440.4546@hermes-2.csi.cam.ac.uk> <498088B8.9040404@pscs.co.uk> <alpine.LSU.2.00.0901291310080.4546@hermes-2.csi.cam.ac.uk> <4981C0D5.1010401@pscs.co.uk> <4981C6BD.2040900@att.com> <37F39FF37390694B69567838@PST.JCK.COM> <4981E1AB.9000002@att.com> <6.2.5.6.2.20090129094120.02f234a0@resistor.net> <01N4VB00O5UQ00007A@mauve.mrochek.com> <49823FDC.4000006@isode.com> <01N4VIFDX4K000007A@mauve.mrochek.com>
User-Agent: Alpine 2.00 (LSU 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: owner-ietf-smtp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smtp/mail-archive/>
List-ID: <ietf-smtp.imc.org>
List-Unsubscribe: <mailto:ietf-smtp-request@imc.org?body=unsubscribe>

On Thu, 29 Jan 2009, ned+ietf-smtp@mrochek.com wrote:
>
> > I would like suggest an alternative: how about saying
> >
> >     The server MUST NOT trust any information obtained
> >     from the client, such as command verbs and their arguments, prior to
> >     the TLS negotiation.
> >     The client MUST NOT trust any information obtained from the server,
> >     such as the list of SMTP service extensions,
> >     prior to the TLS negotiation.
> >
> > This avoid the whole issue of what the client/server must and must not
> > remember.
>
> Very clever - it focuses on the real issue and avoids the slippery slope. . I
> like it a lot. This is definitely the way to go.

+1

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS.
MODERATE OR GOOD.

v2.23.0 | Report a Bug | By Email