Tony, Given the confusion about readings, I'd recommend modifying your changes to make them brutally clear. Suggestions below.
--On Thursday, January 29, 2009 12:04 -0500 Tony Hansen <[email protected]> wrote: > > If we were to write an Errata against RFC 3207, I'd suggest > text such as the following (in Errata format): > > Section: > 4.2 Result of the STARTTLS Command > > Old text: > The server MUST discard any knowledge obtained from the > client, such as the argument to the EHLO command, which was > not obtained from the TLS negotiation itself. > > New text: > The server MUST discard any knowledge obtained from the > client that was not obtained from the TLS negotiation > itself. The server state is otherwise as if the connection > had just been opened. s/opened/opened, i.e., before a session has been established by the client sending EHLO/ > Reason: > The example is misleading and has lead some people to think > that knowledge of an EHLO having been sent previously > should be remembered. > Section: > 4.2 Result of the STARTTLS Command > > Old text: > The client SHOULD send an EHLO command as the > first command after a successful TLS negotiation. > > New text: > The client MUST send either an EHLO command or a HELO > command as the first command after a successful TLS > negotiation. s/HELO command as/HELO command, or a command that does not require that a mail transaction be open, as/ That can be done in several other ways, but I don't think you can or should prohibit VRFY, EXPN, HELP, etc., there. > Reason: > Since the state is reset to that of a connection having > just been opened, the requirement from RFC 5321 applies: > > In any event, a client MUST issue HELO or EHLO before > starting a mail transaction. > > The previous text implied that a client can get by without > sending one or the either. > Now for the $64k questions: > > 1) Is there consensus behind this viewpoint? Wfm, with the changes above. > 2) If so, does the text above cover the ground? See suggestions above. > 3) If so, who wants to file the Errata? Having written it, is there any reason why you should not just go ahead and do it? john
