Errata Search
RFC Number:		Errata ID:
Source of RFC		Status:	All/Any Verified+Reported Verified Reported Held for Document Update Rejected
Area Acronym:	All/Any app art gen int ops rai rtg sec tsv wit	Type:	All/Any Editorial Technical
WG Acronym:		Submitter Name:
Other:	All/Any IAB INDEPENDENT IRTF Legacy Editorial	Date Submitted:
Summary Table Full Records

RFC 4954, "SMTP Service Extension for Authentication", July 2007

Note: This RFC has been updated by RFC 5248

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: app

---

Errata ID: 1020
Status: Rejected
Type: Editorial
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2007-08-25
Rejected by: Alexey Melnikov
Date Rejected: 2007-08-25

Section 9 says:

(4)  Section 9 -- distorted sentence

The 4th paragraph of Section 9, on mid-page 14, says:

  [...]
  The AUTH=<> parameter prevents such an attack from causing a relayed
|  message and, in the absence of other envelope authentication, from
|  picking up the authentication of the relay client.

IMHO, this sentence is distorted and potentially misleading.
The RFC should perhaps better say:

  [...]
  The AUTH=<> parameter prevents such an attack from causing a relayed
|  message, in the absence of other envelope authentication, to pick up
  the authentication of the relay client.

This is essentially what RFC 2554 said in this place, and which makes
much more sense to me.

It should say:

-

Notes:

---VERIFIER NOTE---
I tend to disagree in this case. The "and" was certainly missing in the original text. I also think the new version is more readable.

Report New Errata