Re: Last Call: SMTP Service Extension for Secure SMTP over TLS to Proposed Standard

[Keith Moore <moore@xxxxxxxxxx>]

> > I agree that we shouldn't worry about being non-interoperable with
> > nonexistent implementations.  But I seriously question whether you
> > can determine that there aren't a significant number of such
> > implementations.  I expect there would be a delay between deployment
> > of such implementations and use of the STARTTLS feature, so the
> > "would not survive in the wild" argument is, for me, unpersuasive.
> 
> Surely *someone* would have heard of such an implementation if it
> existed anywhere?

I've seen zero discussion of the extent of broken vs. conforming 
implementations in groups that are frequented by SMTP implementors.
All I've seen is your claim that most client implementations fail to 
follow the spec in sending TLS 1.0 Hello messages.  No offense,
but I don't think that's sufficient justification to change the spec.

Keith