[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Rationale for this change?
From: |
David Kastrup |
Subject: |
Re: Rationale for this change? |
Date: |
Thu, 29 Dec 2005 12:56:31 +0100 |
User-agent: |
Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (gnu/linux) |
Simon Josefsson <address@hidden> writes:
> David Kastrup <address@hidden> writes:
>
>> 2005-12-05 Ralf Angeli <address@hidden>
>>
>> * mail/smtpmail.el (smtpmail-try-auth-methods):
>> Send credentials together with "AUTH PLAIN" command.
>>
>> Could you shed any light on what problem this change is intended to
>> fix?
>
> The AUTH PLAIN command is not sent if the server did not advertise
> support for AUTH PLAIN. See RFC 2554. The earlier behavior violated
> a SHOULD in RFC 2222 § 5.1.
>
> So security-wise, it is not worse than before.
Ah, ok. I think rationales like that should be mentioned in the
ChangeLog. Even if just as "(RFC 2222 § 5.1)".
--
David Kastrup, Kriemhildstr. 15, 44793 Bochum