tech-userlevel archive


Re: /etc/services losses



Mouse <mouse%Rodents-Montreal.ORG@localhost> writes:

>> I'm also not sure it matters if a TLS session is preceded by the ten
>> bytes `STARTTLS\r\n' on the wire or not.

> In theory, it matters because the conversation is not conformant to the
> protocol otherwise; a receiver-SMTP would be entirely justified in
> dropping a connection which attempts to start a TLS session without
> STARTTLS, and, while I don't have specific knowledge of any (I don't
> use TLS), it would surprise me if there weren't implementations that
> did.  (Playing fast and loose with standards conformance is in large
> part how email became the disaster it currently is; doing so more just
> makes it worse.)

I am pretty sure Taylor meant that there is no meaningful difference
between:

  connect to 465, negotiate TLS, speak SMTP/submission inside of TLS

and

  connect to 587, send "STARTTLS", negotiate TLS, speak SMTP/submission
  inside of TLS.  If STARTTLS/negotiation fails, error out.

and I agree.  Nobody is suggesting that 587 speak TLS without STARTTLS
or that 465 accept STARTTLS.
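
The two flows compared above, as an added example that is not part of the original message: a Python `smtplib` sketch in which the STARTTLS path errors out rather than continuing in cleartext. The function names, the `client.example` EHLO name and the loopback stub server are assumptions constructed for illustration.

```python
import smtplib, socket, ssl, threading

def open_implicit_tls(host, port=465, ctx=None):
    """465 flow: negotiate TLS first, then speak SMTP/submission inside it."""
    ctx = ctx or ssl.create_default_context()
    return smtplib.SMTP_SSL(host, port, local_hostname="client.example",
                            timeout=10, context=ctx)

def open_starttls(host, port=587, ctx=None):
    """587 flow: cleartext EHLO, STARTTLS, TLS, then SMTP/submission inside it.
    Any failure raises; the caller never gets a cleartext session back."""
    ctx = ctx or ssl.create_default_context()
    conn = smtplib.SMTP(host, port, local_hostname="client.example", timeout=10)
    try:
        conn.ehlo()
        if not conn.has_extn("starttls"):
            raise smtplib.SMTPNotSupportedError("server did not offer STARTTLS")
        conn.starttls(context=ctx)  # raises on a non-220 reply or a failed handshake
        conn.ehlo()                 # pre-TLS capabilities are discarded; ask again
        return conn
    except Exception:
        conn.close()                # error out instead of falling back
        raise

def fake_server_without_starttls():
    """Constructed peer: loopback SMTP stub whose EHLO reply omits STARTTLS."""
    srv = socket.create_server(("127.0.0.1", 0))
    port = srv.getsockname()[1]
    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(b"220 stub.example ESMTP\r\n")
            conn.recv(1024)         # client's EHLO
            conn.sendall(b"250-stub.example\r\n250 SIZE 1000\r\n")
            conn.recv(1024)         # returns once the client closes
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return port
```

Once either function returns, the caller holds an SMTP session that is already inside TLS, so the code that submits mail is the same for both ports.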

