On Tue, 27 Jan 2009, Tony Hansen wrote: > > Ahhh, there's where the difference in interpretation lays. One > interpretation is that the remote side is required to forget the value > that was passed with the original EHLO command. Another interpretation > is that it further must forget that an EHLO command was issued at all. > > I guess I can see either interpretation of the STARTTLS spec.
As far as I can see it is clear. "The server MUST discard any knowledge obtained from the client [...] which was not obtained from the TLS negotiation itself. The client MUST discard any knowledge obtained from the server [...] which was not obtained from the TLS negotiation itself." The parts which I have elided are just examples, because they start "such as". Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD.
