The problem with the STARTTLS strategy is: you can't guarantee at the network level that a client will use SSL/TLS.
Guaranteeing that the client will use TLS is worthless anyway, since TLS includes the "None" encryption option.
-- /==========================================\ |John Stracke |jstracke@xxxxxxxxxxx | |Principal Engineer|http://www.centive.com | |Centive |My opinions are my own.| |==========================================| |Guide us, oh holy Lemming Herder! | \==========================================/
_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf