> So absent other commentary, I believe the first paragraph should go in the
> document:
>
> ===
> 2.9 STARTTLS Command Injection Attack (CVE-2011-0411)
>
> A number of IETF application protocols have used an application-level command,
> usually STARTTLS, to upgrade a clear-text connection to use TLS. Multiple
> implementations of STARTTLS had a flaw where an application-layer input buffer
> retained commands that were pipelined with the STARTTLS command, such that
> commands received prior to TLS negotiation are executed after TLS negotiation.
> This problem is resolved by requiring the application-level command input
> buffer to be empty before negotiating TLS. Note that this flaw lives in the
> application layer code and does not impact the TLS protocol directly.
> ===
>
> This is an important motivation for design decisions in:
> http://tools.ietf.org/html/draft-newman-email-deep-02
>
Speaking as an individual, that seems reasonable. Yaron? Others?
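The empty-buffer requirement in the quoted 2.9 text, shown as an added example that is not part of this thread or of any implementation it mentions. It models only the server's line buffer (no sockets, no real TLS); the `Session` class, the reply strings and the sample reads are constructed for illustration, and each read is assumed to carry whole lines.

```python
class Session:
    """Model of a server's application-layer input buffer around STARTTLS."""

    def __init__(self, require_empty_buffer):
        self.require_empty_buffer = require_empty_buffer  # the fix described in 2.9
        self.buf = b""        # application-layer input buffer
        self.tls = False      # True once the (simulated) handshake has run
        self.replies = []
        self.executed = []    # (command, arrived_over_tls, ran_after_tls)

    def feed(self, data):
        """Handle one network read; the bytes arrived over TLS only if TLS was already up."""
        arrived_over_tls = self.tls
        self.buf += data
        while b"\r\n" in self.buf:
            line, self.buf = self.buf.split(b"\r\n", 1)
            cmd = line.decode("ascii", "replace")
            if cmd.upper() == "STARTTLS" and not self.tls:
                if self.require_empty_buffer and self.buf:
                    # Plaintext is queued behind STARTTLS: refuse the upgrade, drop it.
                    self.replies.append("ERR data pipelined after STARTTLS")
                    self.buf = b""
                    continue
                self.replies.append("OK begin TLS")
                self.tls = True   # a real server would run the TLS handshake here
                continue          # flawed variant: leftover self.buf survives the upgrade
            self.executed.append((cmd, arrived_over_tls, self.tls))

    def injected(self):
        """Commands that arrived in clear text but ran as if TLS-protected."""
        return [c for c, arrived, ran in self.executed if ran and not arrived]

def run(require_empty_buffer, reads):
    s = Session(require_empty_buffer)
    for chunk in reads:
        s.feed(chunk)
    return s

# Constructed sample reads: the second read carries STARTTLS plus a pipelined command.
PIPELINED = [b"EHLO client.example\r\n", b"STARTTLS\r\nNOOP pipelined\r\n"]
# A well-behaved client waits for the reply and sends the next command inside TLS.
CLEAN = [b"EHLO client.example\r\n", b"STARTTLS\r\n", b"NOOP\r\n"]

if __name__ == "__main__":
    for strict in (False, True):
        s = run(strict, PIPELINED)
        print("require_empty_buffer =", strict, "injected =", s.injected(), "tls =", s.tls)
```
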
