S Moonesamy wrote:
Martin Rex wrote:
I believe it would be sensible to describe the desired authentication model
for MUA->MTA in more detail, beyond the mere reference of [SMTP-AUTH]
in section 4.3 of the current document:
The intent is to publish the document as a Full Standard. As much as
it may be sensible to describe the desired authentication model, it
had to be shown that changes would contribute in a substantial and
substantive way to the quality and comprehensibility of the
specification as that was the guideline given to working group
participants. If you would like to recommend additional text,
I suggest sending a message to the YAM mailing list.
It seems that I've been confused by the seperation of authentications
client->server and server->client into distinct protocol extensions,
i.e. SMTP-AUTH (rfc4954) for client->server, and the optional SMTP
service extension SMTP-TLS (STARTTLS, rfc3207) for server->client.
The "mess" I was refering to is about the (factual lack of) server
endpoint identification in SMTP-TLS for the server->client authentication.
I'm sorry.
-Martin
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf