On Fri, 30 Apr 2010, Chris Newman wrote: > > I've been dealing with client certificate authentication lately and realized > we have an interoperability problem with our standards. For SMTP submission, > when an end-user wishes to authenticate using a client certificate, the > protocol sequence to do so is unclear.
There is no specification for how SMTP+TLS interacts with any authentication or authorization logic. There is no specification for how SASL EXTERNAL interacts with security layers. Since the problem is gaps (rather than errors) in the specifications I think the right solution is: Option 4: Write a spec for how SMTP + TLS + SASL EXTERNAL should work together. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. _______________________________________________ yam mailing list [email protected] https://www.ietf.org/mailman/listinfo/yam
