Re: STARTTLS & EHLO: Errata text?

2009-02-01 15:38:35

--On Sunday, February 01, 2009 14:49 -0500 Hector Santos
<hsantos(_at_)santronics(_dot_)com> wrote:

Tony, SM, John,

Ok, let me try it this way:

I was thinking of 3207 with text similar to:

     The secured SMTP client MUST resend the EHLO command and
     secured SMTP server MUST be prepared to issue a 503
     for any out of sequence commands by legacy 3207 clients.

In spite of the fact that the 503 code has been stable since 821
was published, I'd be a lot happier with the above if it said
"issue a 'command out of sequence' reply" or "issue a 'command
out of sequence' reply as specified for SMTP [RFC5321]" than
"issue a 503...".  Just aesthetics about what is specified where.

I don't have enough in-depth familiarity with 3207 clients to
have a useful opinion about whether 

        (1) that text is needed or whether 
        (2) text that (i) recommended sending the second EHLO
        and (ii) indicated that any client that does not send
        the EHLO MUST be prepared for a "command out of
        sequence" code and MUST then either issue the EHLO
        forthwith or abandon the connection (following SMTP and
        TLS rules for doing that)

would be the more appropriate fix.
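
The behaviour under discussion, as an added example that is not part of the original message and not taken from any RFC text or implementation: a toy server session model in which pre-TLS state is discarded, a command sent before the second EHLO gets a "command out of sequence" reply, and the client recovers as in option (2). Class and function names, host names and the dialogue are constructed assumptions, and the TLS handshake itself is not performed.

```python
class Session:
    """Toy server-side state: TLS active, and EHLO seen in the current phase."""

    def __init__(self):
        self.tls = False
        self.greeted = False

    def handle(self, line):
        verb = line.split(" ", 1)[0].upper()
        if verb == "EHLO":
            self.greeted = True
            # STARTTLS is offered only while the session is still in the clear.
            ext = [] if self.tls else ["STARTTLS"]
            return " ".join(["250", "server.example.test"] + ext)
        if verb == "QUIT":
            return "221 Bye"
        if verb == "STARTTLS":
            if self.tls or not self.greeted:
                return "503 command out of sequence"
            self.tls = True
            # Anything learned before the handshake (EHLO argument included)
            # was unauthenticated, so the session returns to its initial state.
            self.greeted = False
            return "220 Ready to start TLS"
        if not self.greeted:
            return "503 command out of sequence"
        return "250 OK"


def send_with_recovery(session, command, transcript):
    """Option (2) client: on 503, issue EHLO forthwith, then retry once."""
    reply = session.handle(command)
    transcript.append((command, reply))
    if reply.startswith("503") and not command.upper().startswith("EHLO"):
        ehlo = "EHLO client.example.test"
        transcript.append((ehlo, session.handle(ehlo)))
        reply = session.handle(command)
        transcript.append((command, reply))
    return reply


def legacy_client_dialogue():
    """Constructed dialogue: a client that skips the second EHLO after STARTTLS."""
    session, transcript = Session(), []
    for cmd in ["EHLO client.example.test", "STARTTLS",
                "MAIL FROM:<a@example.test>"]:
        send_with_recovery(session, cmd, transcript)
    return transcript
```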