Re: Request to review draft-yevstifeyev-pops-uri-scheme-02
Mykyta Yevstifeyev <evnikita2@gmail.com> Wed, 16 March 2011 18:57 UTC
Received: from hoffman.proper.com (localhost [127.0.0.1]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p2GIvOdf028739 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 16 Mar 2011 11:57:24 -0700 (MST) (envelope-from owner-ietf-pop3ext@mail.imc.org)
Received: (from majordom@localhost) by hoffman.proper.com (8.14.4/8.13.5/Submit) id p2GIvOID028738; Wed, 16 Mar 2011 11:57:24 -0700 (MST) (envelope-from owner-ietf-pop3ext@mail.imc.org)
X-Authentication-Warning: hoffman.proper.com: majordom set sender to owner-ietf-pop3ext@mail.imc.org using -f
Received: from mail-bw0-f43.google.com (mail-bw0-f43.google.com [209.85.214.43]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p2GIvLwm028733 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=FAIL) for <ietf-pop3ext@imc.org>; Wed, 16 Mar 2011 11:57:23 -0700 (MST) (envelope-from evnikita2@gmail.com)
Received: by bwz14 with SMTP id 14so2236596bwz.16 for <ietf-pop3ext@imc.org>; Wed, 16 Mar 2011 11:57:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type :content-transfer-encoding; bh=4s6omqZM6Nyy7tchB1V1/JY0hwlZaUL41qynP6U5t8Q=; b=uPZzXt8JawNiVI6Hznr5Wl+Om/TkXpDzzUY2HpGazm0I1RkUDUF6PmJ65Yr68k1Nln 1bSX8/yRDPIZsqaO4jehi9KxrlbtPu2kj3HlfXBxywGB/0SUmyhCUeqOq6UreS+SpyKV ddOGaKwaOtFCW8+myZQ1NQUFsugnmG72QgA+g=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=aHGQLC9xZEn2LDXqtHM5gF7y0IwOhOMriOZ3e0p2+QV4Lx0oN577MxWdoSSolZZ7KX /Q7n0Qc/Z/rs0MGhB5LR+HWVzDlnaEuY9IOgebBv3Rv8G9auJHuJVh2hJW/nawZ0GVs5 Q665CAxcu0Dp0tCf2lvmnIDBSmWE4P+6usAfs=
Received: by 10.204.19.70 with SMTP id z6mr314819bka.204.1300301840866; Wed, 16 Mar 2011 11:57:20 -0700 (PDT)
Received: from [127.0.0.1] ([195.191.104.134]) by mx.google.com with ESMTPS id w3sm828173bkt.17.2011.03.16.11.57.18 (version=SSLv3 cipher=OTHER); Wed, 16 Mar 2011 11:57:19 -0700 (PDT)
Message-ID: <4D810831.9080600@gmail.com>
Date: Wed, 16 Mar 2011 20:57:53 +0200
From: Mykyta Yevstifeyev <evnikita2@gmail.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.2.15) Gecko/20110303 Thunderbird/3.1.9
MIME-Version: 1.0
To: Chris Newman <chris.newman@oracle.com>
CC: draft-yevstifeyev-pops-uri-scheme@tools.ietf.org, ietf-pop3ext@imc.org, uri-review@ietf.org
Subject: Re: Request to review draft-yevstifeyev-pops-uri-scheme-02
References: <4D7F86F1.1070507@gmail.com> <6D07F4374764D58687F8B4B7@96B2F16665FF96BAE59E9B90> <AANLkTim7o-mVfo4F-8zXXvCK8sZcfcXs-9cECt0J-_ac@mail.gmail.com> <D72150CF3E13284F51B8EF8C@96B2F16665FF96BAE59E9B90>
In-Reply-To: <D72150CF3E13284F51B8EF8C@96B2F16665FF96BAE59E9B90>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-pop3ext@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pop3ext/mail-archive/>
List-ID: <ietf-pop3ext.imc.org>
List-Unsubscribe: <mailto:ietf-pop3ext-request@imc.org?body=unsubscribe>
16.03.2011 19:59, Chris Newman wrote: > --On March 16, 2011 9:42:54 +0200 Mykyta Yevstifeyev > <evnikita2@gmail.com> wrote: >> 2011/3/15, Chris Newman <chris.newman@oracle.com>: >>> This document fails to state whether the POP server is in AUTHORIZATION >>> state or TRANSACTION state upon conclusion of the SSL/TLS >>> negotiation on >>> the pops port. >>> >> It's considered that the user agent will enter AUTHORIZATION state >> after TLS negotiation. The case when it will be already in >> TRANSACTION state is described in RFC 2595. > > There is no such case described for POP in RFC 2595. RFC 2595's POP > section states: > > "The STLS command is only permitted in AUTHORIZATION state and the server > remains in AUTHORIZATION state, even if client credentials are supplied > during the TLS negotiation." However this depends on the implementation. Since the pop3s protocol is not properly documented, some software might treat do in one way (enter the AUTHORIZATION state after the TLS handshake) while others might enter TRANSACTION state. But now, when we're trying to document this protocol it's needed to be documented. But this needs additional discussion. > >>> If you state that the POP server is in AUTHORIZATION state after the >>> TLS >>> negotiation completes, even if a client certificate is supplied, then >>> your document will be consistent with RFC 2595 and the EXTERNAL SASL > mechanism >>> can be used to enter TRANSACTION state, but the document will not >>> necessarily be consistent with the majority behavior of de-facto pops >>> implementations that support client certificates. >>> >> You mean the implementations of RFC 2595, while the proposed document >> contains different POP3 over TLS binding at all. > > No. I mean existing implementations of pop3s (negotiating SSL/TLS at > connection start on port 995 for POP). I believe Thunderbird and > Outlook, for example, assume the server enters TRANSACTION state > automatically when a valid client certificate is provided with the > pop3s protocol. > >> The purpose of it is >> to provide another procedure, not that described in 2595. > > I understand. RFC 2595 section 7 attempted to discourage use of imaps > and pop3s with reason. But reason rarely trumps deployment. So imaps > and pop3s are deployed but not standardized protocols so there are > some interoperability problems. We should accept they won't go away > and document how they should interoperate. If your draft does that for > pop3s, I consider it a welcome contribution to the RFC series. > > While we're on the subject, I recommend your IANA considerations also > updates the "pop3s" port registration to point to your document. That > would be useful as your document will be the first time the "pop3s" > protocol behavior is actually written down in a specification. OK, these concerns will be considered in the next version. All the best, Mykyta Yevstifeyev > > - Chris > >
- Re: [Uri-review] Request to review draft-yevstife… Alexey Melnikov
- Re: Request to review draft-yevstifeyev-pops-uri-… Mykyta Yevstifeyev
- Re: Request to review draft-yevstifeyev-pops-uri-… Chris Newman
- Re: Request to review draft-yevstifeyev-pops-uri-… Mykyta Yevstifeyev
- Re: Request to review draft-yevstifeyev-pops-uri-… Chris Newman
- Request to review draft-yevstifeyev-pops-uri-sche… Mykyta Yevstifeyev