ietf-smtp

Re: Last Call: SMTP Service Extension for Secure SMTP over TLS to Proposed Standard

2001-07-27 16:35:14

Keith Moore <moore(_at_)cs(_dot_)utk(_dot_)edu> writes:
> I've seen zero discussion of the extent of broken vs. conforming
> implementations in groups that are frequented by SMTP implementors.
> All I've seen is your claim that most client implementations fail to
> follow the spec in sending TLS 1.0 Hello messages.  No offense,
> but I don't think that's sufficient justification to change the spec.

I've just checked out a number of implementations:

qmail STARTTLS patch                   SSLv2 backwards compatible hello
Postfix STARTTLS patch                 SSLv2 backwards compatible hello
Sendmail 8.11                          SSLv2 backwards compatible hello
                                       (turned off if you're not using
                                       RSA).

The Sendmail STARTTLS page
(http://www.sendmail.org/~ca/email/starttls.html) claims
that CommuniGate Pro 3.3BetaX and Interchange v.3.61.01
support SSLv3 only. It's unknown--at least to me--what
sort of ClientHello they send.

I don't have Exchange so I can't say what it does.

-Ekr
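
Added example (not part of the original message, and not code from any of the implementations named above): one way to check which kind of ClientHello a client sends is to classify the first bytes it transmits after STARTTLS is accepted. The function name, the result labels and the sample byte strings are assumptions constructed for this illustration.

```python
import struct

# (major, minor) version pairs relevant to the discussion above
VERSIONS = {(0, 2): "SSL 2.0", (3, 0): "SSL 3.0", (3, 1): "TLS 1.0"}

def classify_client_hello(data: bytes) -> dict:
    """Report which hello format a client's first post-STARTTLS bytes use."""
    if len(data) < 11:
        raise ValueError("too short to be a ClientHello")
    # SSLv2 framing: 2-byte header with the high bit set, then
    # msg_type 1 (CLIENT-HELLO), version, and three 16-bit lengths.
    if data[0] & 0x80 and data[2] == 1:
        rec_len = ((data[0] & 0x7F) << 8) | data[1]
        major, minor, cs_len, sid_len, ch_len = struct.unpack("!BBHHH", data[3:11])
        # 9 fixed bytes follow the header; cipher specs are 3 bytes each.
        if rec_len != 9 + cs_len + sid_len + ch_len or cs_len % 3:
            raise ValueError("inconsistent SSLv2 ClientHello lengths")
        fmt = "SSLv2 backwards compatible hello"
    # SSLv3/TLS framing: record type 22 (handshake), record version,
    # record length, then handshake type 1 (client_hello), 24-bit length.
    elif data[0] == 22 and data[5] == 1:
        rec_len = struct.unpack("!H", data[3:5])[0]
        hs_len = int.from_bytes(data[6:9], "big")
        if hs_len + 4 > rec_len:
            raise ValueError("handshake length exceeds record length")
        major, minor = data[9], data[10]
        fmt = "SSLv3/TLS record-layer hello"
    else:
        raise ValueError("not a ClientHello")
    return {"format": fmt, "offers": VERSIONS.get((major, minor), f"{major}.{minor}")}

# Constructed sample inputs (not captured traffic); random/challenge are zeros.
SAMPLE_V2_COMPAT = bytes.fromhex("801c01030100030000001000000a") + bytes(16)
SAMPLE_TLS10 = (bytes.fromhex("160301002d010000290301") + bytes(32)
                + bytes.fromhex("000002000a0100"))

if __name__ == "__main__":
    for name, blob in [("v2-compat", SAMPLE_V2_COMPAT), ("tls1.0", SAMPLE_TLS10)]:
        print(name, classify_client_hello(blob))
```

The version reported under "offers" is the highest version the client advertises, which in the SSLv2-framed case can be TLS 1.0 even though the framing is SSLv2.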
