ietf-smtp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: RSET command - possible security loophole

2011-05-30 17:44:56
from [Murray S. Kucherawy] [Permanent Link] 


-----Original Message-----
From: owner-ietf-smtp(_at_)mail(_dot_)imc(_dot_)org 
[mailto:owner-ietf-smtp(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of John C 
Klensin
Sent: Monday, May 30, 2011 3:03 PM
To: Hector Santos; ietf-smtp(_at_)imc(_dot_)org
Subject: Re: RSET command - possible security loophole

[...]
To say that even more bluntly, I don't think 5321 needs to
provide "additional process insight".  No additional words in
5321 will prevent implementers who don't feel a need to think
from their own carelessness and/or stupidity.

If you think that needs to be more clear in the relevant
extension documents, I recommend that you start generating
errata.


It doesn't appear I was privy to the original message, but given the part of it 
that was quoted, +1 to John's reply.

-MSK
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: RSET command - possible security loophole, Derek J. Balling
Next by Date:  Re: RSET command - possible security loophole, John Levine
Previous by Thread:  Re: RSET command - possible security loophole, John C Klensin
Next by Thread:  Re: RSET command - possible security loophole, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]