Re: [Uri-review] Request to review draft-yevstifeyev-pops-uri-scheme-02
Alexey Melnikov <alexey.melnikov@isode.com> Tue, 22 March 2011 12:55 UTC
Received: from hoffman.proper.com (localhost [127.0.0.1]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p2MCtgJo060421 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 22 Mar 2011 05:55:42 -0700 (MST) (envelope-from owner-ietf-pop3ext@mail.imc.org)
Received: (from majordom@localhost) by hoffman.proper.com (8.14.4/8.13.5/Submit) id p2MCtgiF060420; Tue, 22 Mar 2011 05:55:42 -0700 (MST) (envelope-from owner-ietf-pop3ext@mail.imc.org)
X-Authentication-Warning: hoffman.proper.com: majordom set sender to owner-ietf-pop3ext@mail.imc.org using -f
Received: from rufus.isode.com (rufus.isode.com [62.3.217.251]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p2MCtd7Y060407 for <ietf-pop3ext@imc.org>; Tue, 22 Mar 2011 05:55:40 -0700 (MST) (envelope-from alexey.melnikov@isode.com)
Received: from [192.168.1.124] ((unknown) [62.3.217.253]) by rufus.isode.com (submission channel) via TCP with ESMTPA id <TYicSAADL75m@rufus.isode.com>; Tue, 22 Mar 2011 12:55:37 +0000
X-SMTP-Protocol-Errors: NORDNS
Message-ID: <4D886E9F.7020509@isode.com>
Date: Tue, 22 Mar 2011 09:40:47 +0000
From: Alexey Melnikov <alexey.melnikov@isode.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915
X-Accept-Language: en-us, en
To: Chris Newman <chris.newman@oracle.com>
CC: Mykyta Yevstifeyev <evnikita2@gmail.com>, draft-yevstifeyev-pops-uri-scheme@tools.ietf.org, uri-review@ietf.org, ietf-pop3ext@imc.org
Subject: Re: [Uri-review] Request to review draft-yevstifeyev-pops-uri-scheme-02
References: <4D7F86F1.1070507@gmail.com> <6D07F4374764D58687F8B4B7@96B2F16665FF96BAE59E9B90> <AANLkTim7o-mVfo4F-8zXXvCK8sZcfcXs-9cECt0J-_ac@mail.gmail.com> <D72150CF3E13284F51B8EF8C@96B2F16665FF96BAE59E9B90>
In-Reply-To: <D72150CF3E13284F51B8EF8C@96B2F16665FF96BAE59E9B90>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-pop3ext@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pop3ext/mail-archive/>
List-ID: <ietf-pop3ext.imc.org>
List-Unsubscribe: <mailto:ietf-pop3ext-request@imc.org?body=unsubscribe>
Hi Chris, Chris Newman wrote: > --On March 16, 2011 9:42:54 +0200 Mykyta Yevstifeyev > <evnikita2@gmail.com> wrote: > >> 2011/3/15, Chris Newman <chris.newman@oracle.com>: >> >>> This document fails to state whether the POP server is in AUTHORIZATION >>> state or TRANSACTION state upon conclusion of the SSL/TLS >>> negotiation on >>> the pops port. >> >> It's considered that the user agent will enter AUTHORIZATION state >> after TLS negotiation. The case when it will be already in >> TRANSACTION state is described in RFC 2595. > > There is no such case described for POP in RFC 2595. RFC 2595's POP > section states: > > "The STLS command is only permitted in AUTHORIZATION state and the server > remains in AUTHORIZATION state, even if client credentials are supplied > during the TLS negotiation." > >>> If you state that the POP server is in AUTHORIZATION state after the >>> TLS >>> negotiation completes, even if a client certificate is supplied, then >>> your document will be consistent with RFC 2595 and the EXTERNAL SASL >>> mechanism >> >>> can be used to enter TRANSACTION state, but the document will not >>> necessarily be consistent with the majority behavior of de-facto pops >>> implementations that support client certificates. >> >> You mean the implementations of RFC 2595, while the proposed document >> contains different POP3 over TLS binding at all. > > No. I mean existing implementations of pop3s (negotiating SSL/TLS at > connection start on port 995 for POP). I believe Thunderbird and > Outlook, for example, assume the server enters TRANSACTION state > automatically when a valid client certificate is provided with the > pop3s protocol. Interesting. Do they do the same when no client certificate is specified? I suspect the answer would be no, but I would like to double check. >> The purpose of it is >> to provide another procedure, not that described in 2595. > > I understand. RFC 2595 section 7 attempted to discourage use of imaps > and pop3s with reason. But reason rarely trumps deployment. So imaps > and pop3s are deployed but not standardized protocols so there are > some interoperability problems. We should accept they won't go away > and document how they should interoperate. Right. > If your draft does that for pop3s, I consider it a welcome > contribution to the RFC series. > > While we're on the subject, I recommend your IANA considerations also > updates the "pop3s" port registration to point to your document. That > would be useful as your document will be the first time the "pop3s" > protocol behavior is actually written down in a specification. I was actually thinking the same. So Mykyta and I should add such text.
- Re: [Uri-review] Request to review draft-yevstife… Alexey Melnikov
- Re: Request to review draft-yevstifeyev-pops-uri-… Mykyta Yevstifeyev
- Re: Request to review draft-yevstifeyev-pops-uri-… Chris Newman
- Re: Request to review draft-yevstifeyev-pops-uri-… Mykyta Yevstifeyev
- Re: Request to review draft-yevstifeyev-pops-uri-… Chris Newman
- Request to review draft-yevstifeyev-pops-uri-sche… Mykyta Yevstifeyev