Stephen Warren wrote: > Bernard Johnson wrote: >> When you implement this [STARTTLS], consider: > >> -tls = on/off/optional > >> on = tls is always on and required >> off = tls is always off and not announced >> optional = tls is announced and client can use tls or proceed w/o tls > > I knew that somebody was going to ask for that (the "optional" flag) :-) > > My question is, though, why? At least in my environment, if I roll out > SMTP AUTH, then I want to make 100% sure that it's running over an > encrypted channel so as not to expose passwords. For that reason, I > specifically don't want to enable the "optional" value you mentioned on > my systems.
In cases where new features or security requirements are mandated, I think it is fairly common for system administrators to add a feature like this as "existing but not required" throughout a sunset period where users can start using the feature but it is not required. This helps in a couple of areas. It gives a slow-start to the rollout so that early adopters can root out any problems with the service. It also give the OPTION of allowing users ample time to make technology upgrades if required. > Is CRAM-MD5 safe even over a plain-text channel? Perhaps that would > explain it. AUTH PLAIN certainly isn't... That lies outside the argument I'm making, but I'm fairly certain that you are correct. _________________________________________________ tmda-workers mailing list ([email protected]) http://tmda.net/lists/listinfo/tmda-workers
