Message 223322 - Python tracker

➜

This issue tracker has been migrated to GitHub , and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

In-reply-to
Author	loewis
Recipients	barry, jesstess, loewis, pitrou, r.david.murray, zvyn
Date	2014年07月17日.08:31:39
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1405585899.28.0.633222412516.issue21935@psf.upfronthosting.co.za>

Content
RFC 4954 states Note: A server implementation MUST implement a configuration in which it does NOT permit any plaintext password mechanisms, unless either the STARTTLS [SMTP-TLS] command has been negotiated or some other mechanism that protects the session from password snooping has been provided. Server sites SHOULD NOT use any configuration which permits a plaintext password mechanism without such a protection mechanism against password snooping. So I'm -1 on this patch, and also on the feature until STARTTLS is implemented (and then this patch needs to be updated to conform to this requirement).

Content

RFC 4954 states
 Note: A server implementation MUST implement a configuration in which
 it does NOT permit any plaintext password mechanisms, unless either
 the STARTTLS [SMTP-TLS] command has been negotiated or some other
 mechanism that protects the session from password snooping has been
 provided. Server sites SHOULD NOT use any configuration which
 permits a plaintext password mechanism without such a protection
 mechanism against password snooping.
So I'm -1 on this patch, and also on the feature until STARTTLS is implemented (and then this patch needs to be updated to conform to this requirement).

History
Date	User	Action	Args
2014年07月17日 08:31:39	loewis	set	recipients: + loewis, barry, pitrou, r.david.murray, jesstess, zvyn
2014年07月17日 08:31:39	loewis	set	messageid: <1405585899.28.0.633222412516.issue21935@psf.upfronthosting.co.za>
2014年07月17日 08:31:39	loewis	link	issue21935 messages
2014年07月17日 08:31:39	loewis	create

homepage