Hi all,
In draft-ietf-uta-email-deep-01, it is said:
If the client issues a
STARTTLS command, a TLS handshake follows that can upgrade the
connection. While this mechanism has been deployed, an alternate
mechanism where TLS is negotiated immediately at connection start on
a separate port (referred to in this document as "Implicit TLS") has
been deployed more successfully. To increase use of TLS, this
specification recommends use of implicit TLS by new POP, IMAP and
SMTP Submission software.
Is it really the new recommendation for Applications?
In RFC 4642 for NNTP, we have the following wording:
In some existing implementations, TCP port 563 has been dedicated to
NNTP over TLS. These implementations begin the TLS negotiation
immediately upon connection and then continue with the initial steps
of an NNTP session. This use of TLS on a separate port is
discouraged for the reasons documented in Section 7 of "Using TLS
with IMAP, POP3 and ACAP" [TLS-IMAPPOP].
Should it be changed?
--
Julien ÉLIE
« – Il est vraiment très frêle cet esquif !
– Il vaudrait mieux ne pas prendre de risques.
– Des risques ? Une galère fortement armée contre un frêle
esquif ?
– Un frêle esquif plein de Gaulois ! » (pirates)
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
