Mark,
In my reading of the draft, it seems like there may be a conflict in wording between sections 6.1.1 (describing CAPABILITY) and the wording of sections 6.2.2 (describing AUTHENTICATE) and 11.2 (Security considerations).
6.1.1 reads:
"Client and server implementations MUST implement the STARTTLS, LOGINDISABLED, and AUTH=PLAIN (described in [IMAP-TLS]) capabilities. See the Security Considerations section for important information."
6.2.2 and 11.2 both make allowances for either STARTTLS or "some other mechanism that protects the session from password snooping". Should "some other mechanism" be added to 6.1.1 as well?
thanks,
Brendan
| From: | Mark Crispin |
| Sent: | Mon 9/30/2002 10:13 AM |
| To: | IMAP Interest List |
| Cc: | [EMAIL PROTECTED] |
| Subject: | new base, MULTIAPPEND drafts |
Draft 19 of the base specificationis now available at: http://www.ietf.org/internet-drafts/draft-crispin-imapv-19.txt I would like to go to Last Call on this as soon as possible. Before doing that, I would like to ask Vladimir to see if it satisfactory addresses the issues that he raised, or if we'll need a draft 20. I would like, as much as possible, to eschew mathematical language. Many problems have been due to people making incorrect presumptions based upon mathematical rules. A related problem has come up in which English and mathematics use the same word, but have different meanings; e.g. "between" and "inclusive". It should be possible for someone without a mathematics PhD to understand IMAP, for someone with a mathematics PhD to under IMAP, and for those two individuals to have the *same* understanding. In addition, draft 07 of the MULTIAPPEND specification, addressing the IESG nits presented by Ned, is at: http://www.ietf.org/internet-drafts/draft-crispin-imap-multiappend-07.txt There are otherwise no substantive changes from earlier versions. -- ----------------------------------------------------------------- For information about this mailing list, and its archives, see: http://www.washington.edu/imap/imap-list.html -----------------------------------------------------------------
