Question on STARTTLS (rfc 3207)

2007-06-13 02:55:55

I have a question on when the client can issue STARTTLS after the
server advertises the same in response to EHLO. The usage example in
section 5 illustrates the way STARTTLS would typically be used - the
client issues STARTTLS immediately after it knows that the server
supports it. The client issues any other command only after
successfully completing the TLS handshake. I understand that this is
how most of the clients configured to use STARTTLS would behave.
However, a client can issue a STARTTLS after sending a few messages to
the server in the clear. For instance, sendmail allows the client to
send messages in the clear. However, if the client decides to change
its mind and issues a STARTTLS, it allows the client to complete the
TLS handshake (if configured properly) and thereupon, the communication
between the client and sendmail server would be over the TLS channel. The
question is: Should SMTP servers necessarily allow clients to upgrade
to TLS in the middle of the same SMTP session? Instead, can an SMTP
server support STARTTLS only if the client issues the same before
sending any messages to the server and still claim to be conforming
to RFC 3207?
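The two server policies the question contrasts, modelled as an added example that is not part of the original post: a minimal SMTP session state machine that accepts STARTTLS either between mail transactions ("between_messages") or only before any message has been sent ("strict"), and that resets the session after the upgrade as RFC 3207 section 4.2 requires (cleartext EHLO knowledge discarded, STARTTLS no longer advertised). The policy names, the 503 replies for refused STARTTLS, and the simplification that DATA completes a message are assumptions of this example, not text from RFC 3207.

```python
from dataclasses import dataclass

@dataclass
class SmtpSession:
    # "between_messages": STARTTLS allowed whenever no transaction is open
    # "strict": STARTTLS allowed only before the first message (assumed policy name)
    policy: str = "between_messages"
    tls_active: bool = False
    ehlo_seen: bool = False
    in_transaction: bool = False   # MAIL FROM accepted, DATA not yet completed
    messages_sent: int = 0

    def handle(self, line: str) -> str:
        """Return the server reply for one client command line."""
        verb = line.split(" ", 1)[0].upper()
        if verb == "EHLO":
            self.ehlo_seen = True
            # RFC 3207 4.2: STARTTLS must not be advertised once TLS is active
            exts = ["250-mail.example.test"]
            if not self.tls_active:
                exts.append("250-STARTTLS")
            exts.append("250 OK")
            return "\r\n".join(exts)
        if verb == "STARTTLS":
            if self.tls_active:
                return "503 TLS already active"          # assumed reply text
            if not self.ehlo_seen:
                return "503 EHLO first"                  # assumed reply text
            if self.in_transaction:
                return "503 STARTTLS not valid inside a mail transaction"
            if self.policy == "strict" and self.messages_sent > 0:
                return "503 STARTTLS only accepted before any message"
            self.tls_active = True
            # RFC 3207 4.2: after the handshake the session is back in the
            # post-greeting state; the cleartext EHLO must be repeated
            self.ehlo_seen = False
            return "220 Ready to start TLS"
        if verb == "MAIL":
            if not self.ehlo_seen:
                return "503 EHLO first"
            self.in_transaction = True
            return "250 OK"
        if verb == "DATA":  # simplified: DATA stands in for the whole message body
            if not self.in_transaction:
                return "503 MAIL first"
            self.in_transaction = False
            self.messages_sent += 1
            return "250 Queued"
        if verb == "QUIT":
            return "221 Bye"
        return "500 Command not recognized"
```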


