tech-userlevel archive
Re: /etc/services losses
Mouse <mouse%Rodents-Montreal.ORG@localhost> writes:
>> I'm also not sure it matters if a TLS session is preceded by the ten
>> bytes `STARTTLS\r\n' on the wire or not.
> In theory, it matters because the conversation is not conformant to the
> protocol otherwise; a receiver-SMTP would be entirely justified in
> dropping a connection which attempts to start a TLS session without
> STARTTLS, and, while I don't have specific knowledge of any (I don't
> use TLS), it would surprise me if there weren't implementations that
> did. (Playing fast and loose with standards conformance is in large
> part how email became the disaster it currently is; doing so more just
> makes it worse.)
I am pretty sure Taylor meant that there is no meaningful difference
between:

  connect to 465, negotiate TLS, speak SMTP/submission inside of TLS

and

  connect to 587, send "STARTTLS", negotiate TLS, speak SMTP/submission
  inside of TLS. If STARTTLS/negotiation fails, error out.

and I agree. Nobody is suggesting that 587 speak TLS without STARTTLS
or that 465 accept STARTTLS.
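
The two connection patterns compared in the message above, as an added Python example that is not part of the original post. The function names, the `test.invalid` host name and the fake server (a constructed peer that never offers STARTTLS) are assumptions made for illustration.

```python
import smtplib, socket, ssl, threading

def submit_implicit_tls(host, port=465, timeout=5):
    """Port 465: TLS handshake first, then SMTP/submission inside TLS."""
    ctx = ssl.create_default_context()
    return smtplib.SMTP_SSL(host, port, local_hostname="localhost",
                            timeout=timeout, context=ctx)

def submit_starttls(host, port=587, timeout=5):
    """Port 587: plaintext EHLO, STARTTLS, TLS handshake, then SMTP inside TLS.
    If TLS cannot be reached, close the connection; never continue in plaintext."""
    ctx = ssl.create_default_context()
    conn = smtplib.SMTP(host, port, local_hostname="localhost", timeout=timeout)
    try:
        conn.ehlo()
        if not conn.has_extn("starttls"):
            raise smtplib.SMTPNotSupportedError("server did not offer STARTTLS")
        conn.starttls(context=ctx)  # raises on refusal or failed handshake
        conn.ehlo()                 # re-read capabilities inside the TLS session
        return conn
    except Exception:
        conn.close()                # error out, as the message says
        raise

def fake_server_without_starttls():
    """Constructed test peer on 127.0.0.1: EHLO reply carries no STARTTLS."""
    srv = socket.create_server(("127.0.0.1", 0))
    def serve():
        c, _ = srv.accept()
        with c, srv:
            c.sendall(b"220 test.invalid ESMTP\r\n")
            c.recv(1024)                                  # client's EHLO
            c.sendall(b"250-test.invalid\r\n250 SIZE 1000\r\n")
            c.recv(1024)                                  # returns when client closes
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def refuses_plaintext_fallback():
    """True if the 587-style client errors out when STARTTLS is unavailable."""
    port = fake_server_without_starttls()
    try:
        submit_starttls("127.0.0.1", port)
    except smtplib.SMTPNotSupportedError:
        return True
    return False
```

Once either function returns, the caller holds an SMTP session inside TLS and the code that follows is the same for both ports.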