Re: Request to review draft-yevstifeyev-pops-uri-scheme-02
Chris Newman <chris.newman@oracle.com> Wed, 16 March 2011 17:59 UTC
Received: from hoffman.proper.com (localhost [127.0.0.1]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p2GHxYIR025363 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 16 Mar 2011 10:59:34 -0700 (MST) (envelope-from owner-ietf-pop3ext@mail.imc.org)
Received: (from majordom@localhost) by hoffman.proper.com (8.14.4/8.13.5/Submit) id p2GHxYSZ025362; Wed, 16 Mar 2011 10:59:34 -0700 (MST) (envelope-from owner-ietf-pop3ext@mail.imc.org)
X-Authentication-Warning: hoffman.proper.com: majordom set sender to owner-ietf-pop3ext@mail.imc.org using -f
Received: from brmea-mail-2.sun.com (brmea-mail-2.Sun.COM [192.18.98.43]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p2GHxXSX025353 for <ietf-pop3ext@imc.org>; Wed, 16 Mar 2011 10:59:33 -0700 (MST) (envelope-from chris.newman@oracle.com)
Received: from dm-sfbay-02.sfbay.sun.com ([129.146.11.31]) by brmea-mail-2.sun.com (8.13.6+Sun/8.12.9) with ESMTP id p2GHxWsZ014660 for <ietf-pop3ext@imc.org>; Wed, 16 Mar 2011 17:59:32 GMT
Received: from gotmail.us.oracle.com (gotmail.us.oracle.com [10.133.152.174]) by dm-sfbay-02.sfbay.sun.com (8.13.8+Sun/8.13.8/ENSMAIL,v2.4) with ESMTP id p2GHxW7a006426 for <ietf-pop3ext@imc.org>; Wed, 16 Mar 2011 10:59:32 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-disposition: inline
Content-type: text/plain; CHARSET="US-ASCII"; format="flowed"
Received: from [10.145.239.205] (nifty-silver.us.oracle.com [10.145.239.205]) by gotmail.sfbay.sun.com (Oracle Communications Messaging Exchange Server 7u5-2.03 64bit (built Feb 6 2011)) with ESMTPA id <0LI50072CWN1PM00@gotmail.sfbay.sun.com> for ietf-pop3ext@imc.org; Wed, 16 Mar 2011 10:59:31 -0700 (PDT)
Date: Wed, 16 Mar 2011 10:59:25 -0700
From: Chris Newman <chris.newman@oracle.com>
To: Mykyta Yevstifeyev <evnikita2@gmail.com>
Cc: draft-yevstifeyev-pops-uri-scheme@tools.ietf.org, ietf-pop3ext@imc.org, uri-review@ietf.org
Subject: Re: Request to review draft-yevstifeyev-pops-uri-scheme-02
Message-id: <D72150CF3E13284F51B8EF8C@96B2F16665FF96BAE59E9B90>
In-reply-to: <AANLkTim7o-mVfo4F-8zXXvCK8sZcfcXs-9cECt0J-_ac@mail.gmail.com>
References: <4D7F86F1.1070507@gmail.com> <6D07F4374764D58687F8B4B7@96B2F16665FF96BAE59E9B90> <AANLkTim7o-mVfo4F-8zXXvCK8sZcfcXs-9cECt0J-_ac@mail.gmail.com>
X-Mailer: Mulberry/4.0.8 (Mac OS X)
Sender: owner-ietf-pop3ext@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pop3ext/mail-archive/>
List-ID: <ietf-pop3ext.imc.org>
List-Unsubscribe: <mailto:ietf-pop3ext-request@imc.org?body=unsubscribe>
--On March 16, 2011 9:42:54 +0200 Mykyta Yevstifeyev <evnikita2@gmail.com> wrote: > 2011/3/15, Chris Newman <chris.newman@oracle.com>: >> This document fails to state whether the POP server is in AUTHORIZATION >> state or TRANSACTION state upon conclusion of the SSL/TLS negotiation on >> the pops port. >> > It's considered that the user agent will enter AUTHORIZATION state > after TLS negotiation. The case when it will be already in > TRANSACTION state is described in RFC 2595. There is no such case described for POP in RFC 2595. RFC 2595's POP section states: "The STLS command is only permitted in AUTHORIZATION state and the server remains in AUTHORIZATION state, even if client credentials are supplied during the TLS negotiation." >> If you state that the POP server is in AUTHORIZATION state after the TLS >> negotiation completes, even if a client certificate is supplied, then >> your document will be consistent with RFC 2595 and the EXTERNAL SASL mechanism >> can be used to enter TRANSACTION state, but the document will not >> necessarily be consistent with the majority behavior of de-facto pops >> implementations that support client certificates. >> > You mean the implementations of RFC 2595, while the proposed document > contains different POP3 over TLS binding at all. No. I mean existing implementations of pop3s (negotiating SSL/TLS at connection start on port 995 for POP). I believe Thunderbird and Outlook, for example, assume the server enters TRANSACTION state automatically when a valid client certificate is provided with the pop3s protocol. > The purpose of it is > to provide another procedure, not that described in 2595. I understand. RFC 2595 section 7 attempted to discourage use of imaps and pop3s with reason. But reason rarely trumps deployment. So imaps and pop3s are deployed but not standardized protocols so there are some interoperability problems. We should accept they won't go away and document how they should interoperate. If your draft does that for pop3s, I consider it a welcome contribution to the RFC series. While we're on the subject, I recommend your IANA considerations also updates the "pop3s" port registration to point to your document. That would be useful as your document will be the first time the "pop3s" protocol behavior is actually written down in a specification. - Chris
- Re: [Uri-review] Request to review draft-yevstife… Alexey Melnikov
- Re: Request to review draft-yevstifeyev-pops-uri-… Mykyta Yevstifeyev
- Re: Request to review draft-yevstifeyev-pops-uri-… Chris Newman
- Re: Request to review draft-yevstifeyev-pops-uri-… Mykyta Yevstifeyev
- Re: Request to review draft-yevstifeyev-pops-uri-… Chris Newman
- Request to review draft-yevstifeyev-pops-uri-sche… Mykyta Yevstifeyev