[Top] [All Lists]

Re: Conflicting Enhanced Status Codes between RFC 4468 and draft-siemborski-rfc2554bis

2007-04-09 23:08:34
Getting back to this draft.

Frank Ellermann wrote:
Tony Hansen wrote:
I had a few minutes. See attached. Comments?

   o  IANA is directed to create the registry Mail Enhanced Status
      Codes.  In the terms of [5], values of Enhanced Status Codes
      must be registered with IANA under the IETF Consensus method.

Published RFC is IMO simpler, they can link to a RFC in the registry.

That *IS* the IETF Consensus method; see the definition in RFC 2434.

If 2434bis gets published first, this statement should be revised


I expanded out the lists of what values are being pulled out of where.

There is an issue of what to do with the values X.7.8 through X.7.13.
These were all defined in a draft that has since expired
(draft-newman-auth-resp-00.txt), but have been used in other documents
such as draft-siemborski-rfc2554bis.

As a strawman, I pulled in versions of the definitions from that draft.

I also introduced X.7.14 and X.7.15 to replace the competing uses of
X.7.8. Is this the best way to handle this conflict?

        Tony Hansen

Network Working Group                                          T. Hansen
Internet-Draft                                         AT&T Laboratories
Updates: 1893,4468                                         April 9, 2007
(if approved)
Intended status: Standards Track
Expires: October 11, 2007

               A Registry for Mail Enhanced Status Codes

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at

   The list of Internet-Draft Shadow Directories can be accessed at

   This Internet-Draft will expire on October 11, 2007.

Copyright Notice

   Copyright (C) The IETF Trust (2007).


   This document establishes an IANA registry for SMTP Enhanced Status

Hansen                  Expires October 11, 2007                [Page 1]
Internet-Draft     Mail Enhanced Status Code Registry         April 2007

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 3
   2.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 3
   3.  Security Considerations . . . . . . . . . . . . . . . . . . . . 5
   4.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . 5
   5.  References  . . . . . . . . . . . . . . . . . . . . . . . . . . 5
     5.1.  Normative References  . . . . . . . . . . . . . . . . . . . 5
     5.2.  Informative References  . . . . . . . . . . . . . . . . . . 5
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . . . 6
   Intellectual Property and Copyright Statements  . . . . . . . . . . 7

Hansen                  Expires October 11, 2007                [Page 2]
Internet-Draft     Mail Enhanced Status Code Registry         April 2007

1.  Introduction

   Enhanced Status Codes for SMTP were first defined in [RFC1893], which
   was replaced by [RFC3463].  Since that time, various RFCs have been
   published and internet drafts proposed that define further status
   codes.  However, no IANA registry was defined for the status codes
   and conflicts in definitions have begun to appear.  This RFC defines
   such an IANA registry and was written to help prevent further
   conflicts from appearing in the future.

   This document is being discussed on the SMTP mailing list,
   ietf-smtp(_at_)imc(_dot_)org [1].

2.  IANA Considerations

   o  IANA is directed to create the registry Mail Enhanced Status
      Codes.  In the terms of [RFC2434], values of Enhanced Status Codes
      must be registered with IANA under the IETF Consensus method.
      (Specifically, new assignments are made via RFCs approved by the
   o  The Mail Enhanced Status Codes registry will have three tables:
      *  class sub-code,
      *  subject sub-code, and
      *  enumerated status codes, which include both a subject sub-code
         and a detail sub-code.
   o  Each entry in the tables will include: the sub-code or enumerated
      status code, a definition title for the code, and a description of
      the code's use, similar to the entries shown in [RFC3463].  An
      example of an entry in the enumerated status code table would be:
      X.0.0 Other undefined Status  Other undefined status is the only
         undefined error code.  It should be used for all errors for
         which only the class of the error is known.
   o  The initial values for the class and subject sub-code tables is to
      be populated from section 2 of [RFC3463].  Specifically, these are
      the values for 2.XXX.XXX, 4.XXX.XXX and 5.XXX.XXX for the class
      sub-code table, and the values X.0.XXX, X.1.XXX, X.2.XXX, X.3.XXX,
      X.4.XXX, X.5.XXX, X.6.XXX and X.7.XXX for the subject sub-code
   o  The initial values for the enumerated status code table is to be
      populated from sections 3.1 through 3.8 of [RFC3463], (X.0.0,
      X.1.0 through X.1.8, X.2.0 through X.2.4, X.3.0 through X.3.5,
      X.4.0 through X.4.7, X.5.0 through X.5.5, X.6.0 through X.6.5, and
      X.7.0 through X.7.7) section 3.3.4 of [RFC3886] (X.1.9), and the
      definition of X.6.6 found in section 5 of [RFC4468].
   o  The following definitions are to be registered in the enumerated
      status code table.

Hansen                  Expires October 11, 2007                [Page 3]
Internet-Draft     Mail Enhanced Status Code Registry         April 2007

      X.5.6 Authentication Exchange line is too long  This enhanced
         status code SHOULD be returned when the server fails the AUTH
         command due to the client sending a response which is longer
         than the maximum buffer size available for the currently
         selected SASL mechanism.
      X.7.8 Trust relationship required or Authentication credentials
      invalid  Because of conflicting definitions in different
         documents, this value should no longer be used.
      X.7.9 Authentication mechanism is too weak  This response to the
         AUTH command indicates that the selected authentication
         mechanism is weaker than server policy permits for that user.
         The client SHOULD retry with a new authentication mechanism.
      X.7.10 Encryption Needed  This indicates that external strong
         privacy layer is needed in order to use the requested
         authentication mechanism.  This is primarily intended for use
         with clear text authentication mechanisms.  A client which
         receives this may activate a security layer such as TLS prior
         to authenticating, or attempt to use a stronger mechanism.
      X.7.11 Encryption required for requested authentication mechanism
         This indicates the user's passphrase or passphrase has expired
         and needs to be changed.  Many sites have a policy which
         forbids a passphrase or passphrase from being used too long.
         These sites will set a time period after which passphrases must
         be changed.  Some sites also pre-expire passphrases set by a
         system administrator, such that a user must change their
         passphrase prior to using their account.  A client which
         receives this error code can treat it as a user request to
         change her passphrase.
      X.7.12 A password transition is needed  This response to the AUTH
         command indicates that the user needs to transition to the
         selected authentication mechanism.  This is typically done by
         authenticating once using the [PLAIN] authentication mechanism.
         The selected mechanism SHOULD then work for authentications in
         subsequent sessions.
      X.7.13 User Account Disabled  Sometimes a system administrator
         will have to disable a user's account (e.g., due to lack of
         payment, abuse, evidence of a break-in attempt, etc).  This
         error code occurs after a successful authentication to a
         disabled account.  This informs the client that the failure is
         permanent until the user contacts their system administrator to
         get the account re- enabled.  It differs from a generic
         authentication failure where the client's best option is to
         present the passphrase entry dialog in case the user simply
         mistyped their passphrase.

Hansen                  Expires October 11, 2007                [Page 4]
Internet-Draft     Mail Enhanced Status Code Registry         April 2007

      X.7.14 Trust relationship required  The submission server requires
         a configured trust relationship with a third-party server in
         order to access the message content.  This value replaces the
         prior use of X.7.8 for this error condition.
      X.7.15 Authentication credentials invalid  Authentication failed
         due to invalid or insufficient authentication credentials.
         This value replaces the prioruse of X.7.8 for this error

3.  Security Considerations

   As stated in [RFC1893], use of enhanced status codes may disclose
   additional information about how an internal mail system is
   implemented beyond that available through the SMTP status codes.

4.  Acknowledgements

   Thanks go to the members of the ietf-smtp(_at_)imc(_dot_)org [1] mailing 

5.  References

5.1.  Normative References

   [RFC3463]  Vaudreuil, G., "Enhanced Mail System Status Codes",
              RFC 3463, January 2003.

   [RFC3886]  Allman, E., "An Extensible Message Format for Message
              Tracking Responses", RFC 3886, September 2004.

   [RFC4468]  Newman, C., "Message Submission BURL Extension", RFC 4468,
              May 2006.

5.2.  Informative References

   [RFC1893]  Vaudreuil, G., "Enhanced Mail System Status Codes",
              RFC 1893, January 1996.

   [RFC2434]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs", BCP 26, RFC 2434,
              October 1998.


   [1]  <mailto:ietf-smtp(_at_)imc(_dot_)org>

Hansen                  Expires October 11, 2007                [Page 5]
Internet-Draft     Mail Enhanced Status Code Registry         April 2007

Author's Address

   Tony Hansen
   AT&T Laboratories
   200 Laurel Ave.
   Middletown, NJ  07748

   Email: tony+mailesc(_at_)maillennium(_dot_)att(_dot_)com

Hansen                  Expires October 11, 2007                [Page 6]
Internet-Draft     Mail Enhanced Status Code Registry         April 2007

Full Copyright Statement

   Copyright (C) The IETF Trust (2007).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at


   Funding for the RFC Editor function is provided by the IETF
   Administrative Support Activity (IASA).

Hansen                  Expires October 11, 2007                [Page 7]