Re: RFC 3207 STARTTLS


Ivar Lumi wrote:

Hi,

After reading RFC 3207, i found probably non documented item.

For example:
C: STARTTLS
S: 220 Go ahead
C: <starts TLS negotiation>
C & S: <negotiate a TLS session>
C & S: <check result of negotiation>

Now if negotiation fails, whats then ?
Send error ? close connection ?
Whats the proper action ?


Philip's response is correct.

I just want to add one more thing: if the server can detect TLS failurebefore issuing "220 Go ahead" (e.g. a server TLS certificate is notconfigured), it should do so and return failure at this stage.Even better if the server pre-create TLS context upfront and don'tadvertise STARTTLS if there is no chance of it succeeding.

<Prev in Thread]	Current Thread	[Next in Thread>
Re: RFC 3207 STARTTLS, (continued) Re: RFC 3207 STARTTLS, Tony Finch Re: RFC 3207 STARTTLS, Alessandro Vesely Re: RFC 3207 STARTTLS, John C Klensin Re: RFC 3207 STARTTLS, Carl S. Gutekunst Re: RFC 3207 STARTTLS, Tony Finch Re: RFC 3207 STARTTLS, Carl S. Gutekunst Re: RFC 3207 STARTTLS, Ivar Lumi Re: RFC 3207 STARTTLS, Nate Leon Re: RFC 3207 STARTTLS, Hector Santos Re: RFC 3207 STARTTLS, SM Re: RFC 3207 STARTTLS, Alexey Melnikov <=

Previous by Date:	Re: RFC 3207 STARTTLS, Ivar Lumi
Next by Date:	Re: RFC 3207 STARTTLS, Alexey Melnikov
Previous by Thread:	Re: RFC 3207 STARTTLS, SM
Next by Thread:	SMTP 500 Line too long, Ivar Lumi
Indexes:	[Date] [Thread] [Top] [All Lists]