Bug#221689: [Pkg-openssl-devel] Bug#221689: Checking the existence of the bug.

James Westby jw+debian at jameswestby.net
Tue Aug 1 18:30:03 UTC 2006


On (01/08/06 18:03), Kurt Roeckx wrote:
> On Mon, Jul 31, 2006 at 11:57:09PM +0100, James Westby wrote:
> > It is marked as wishlist as this is by design really. 
> > 
> > openssl cannot know how to speak every protocol, and know when to send
> > STARTTLS for each, so it just does it at the start. 
> 
> But it does support 2 protocols, smtp and pop3.  It just doesn't
> support them very well.  

My apologies, I hadn't seen that starttls took a keyword as well. Maybe
it could be fixed then, but the messages in the thread referenced in the
bug suggests that upstream are unwilling to.

> I'm not familiar with the smtp
> protocol enough to know what you can send STARTTLS.  exim4 above
> claims it wasn't advertised.  So I wonder when it gets
> advertised, and whether it supports it or not.

exim4 demands that you send an EHLO first then check if STARTTLS is
advertised, then send STARTTLS. s_client appears to send it straight
away. I'm not sure how right exim is in this, but it sounds reasonable.

> I'm currently of the opinion that the best option for that is
> that the user has to type "STARTTLS" himself.

That may be reasonable. I'm not sure when the first bug would arrive
that required sending STARTTLS before intending to start it (e.g. if it
was your hostname), but I'm sure it would be quite a while. 

Perhaps this could be suggested to upstream?

My apologies for speaking too quickly. 

James

-- 
  James Westby
  http://jameswestby.net/
  seccure key - (3+)k7|M*edCX/.A:n*N!>|&7U.L#9E)Tu)T0>AM - secp256r1/nistp256
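
The ordering discussed in this message (EHLO first, check that STARTTLS is advertised, only then send STARTTLS) is shown below next to the send-it-straight-away behaviour. This is an added example, not part of the original message and not s_client's code; the server is a constructed stand-in for a strict MTA, and its hostnames, reply texts and the function names are assumptions.

```python
import socket
import threading

def read_reply(f):
    """Read one SMTP reply, which may span several lines; return (code, texts)."""
    texts = []
    while True:
        line = f.readline().decode("ascii", "replace").rstrip("\r\n")
        if len(line) < 3:
            raise ConnectionError("connection closed or malformed reply")
        texts.append(line[4:])
        if line[3:4] != "-":  # "250-" continues the reply, "250 " ends it
            return int(line[:3]), texts

def negotiate_starttls(sock, ehlo_first=True):
    """Return the reply code to STARTTLS, or None if it was not advertised."""
    with sock.makefile("rb") as f:
        read_reply(f)  # 220 greeting
        if ehlo_first:
            sock.sendall(b"EHLO client.example\r\n")
            code, texts = read_reply(f)
            # First line greets the client; the rest are extension keywords.
            keywords = {t.split()[0].upper() for t in texts[1:] if t.strip()}
            if code != 250 or "STARTTLS" not in keywords:
                return None  # not offered: do not attempt the upgrade
        sock.sendall(b"STARTTLS\r\n")
        return read_reply(f)[0]  # 220 means the TLS handshake may begin

def fake_server(sock, advertise):
    """Constructed stand-in for a strict MTA; hostnames and reply texts are made up."""
    sock.sendall(b"220 mail.example ESMTP\r\n")
    seen_ehlo = False
    for raw in sock.makefile("rb"):
        cmd = raw.strip().upper()
        if cmd.startswith(b"EHLO"):
            seen_ehlo = True
            ext = b"250-STARTTLS\r\n" if advertise else b""
            sock.sendall(b"250-mail.example\r\n250-SIZE 1000\r\n" + ext + b"250 HELP\r\n")
        elif cmd == b"STARTTLS":  # refused unless EHLO came first and it was offered
            accepted = seen_ehlo and advertise
            sock.sendall(b"220 go ahead\r\n" if accepted else b"503 not advertised\r\n")
    sock.close()

def run(advertise, ehlo_first):
    """Run the client against the constructed server over a local socket pair."""
    client, server = socket.socketpair()
    t = threading.Thread(target=fake_server, args=(server, advertise), daemon=True)
    t.start()
    with client:
        return negotiate_starttls(client, ehlo_first)
```

`run(True, False)` reproduces the straight-away case and gets the constructed server's 503, while `run(True, True)` gets 220.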




