On 3/16/2004 6:56 PM, Keith Moore wrote:
this doesn't solve the problem of clients acting inconsistently from
one another.
It's not the full text either. Read the draft.
TLS support (and SASL mechanisms) can be discovered with a probe. The
protocol specs (mostly) require TLS
neither POP nor IMAP nor SUBMISSION requires TLS.
I should have said 'newer'. Like RFC 3501 (IMAP)
Client and server implementations MUST implement the STARTTLS,
LOGINDISABLED, and AUTH=PLAIN (described in [IMAP-TLS])
capabilities. See the Security Considerations section for
important information.
AUTH/STARTTLS weren't around for POP3 and SUBMIT, obviously.
--
Eric A. Hall http://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/