RFC 3207 (rfc3207) - Page 2 of 9

SMTP Service Extension for Secure SMTP over Transport Layer Security

RFC 3207     SMTP Service Extension - Secure SMTP over TLS February 2002


   TLS [TLS], more commonly known as SSL, is a popular mechanism for
   enhancing TCP communications with privacy and authentication.  TLS is
   in wide use with the HTTP protocol, and is also being used for adding
   security to many other common protocols that run over TCP.

   This document obsoletes RFC 2487.

1.1 Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC 2119].

2. STARTTLS Extension

   The STARTTLS extension to SMTP is laid out as follows:

   (1) the name of the SMTP service defined here is STARTTLS;

   (2) the EHLO keyword value associated with the extension is STARTTLS;

   (3) the STARTTLS keyword has no parameters;

   (4) a new SMTP verb, "STARTTLS", is defined;

   (5) no additional parameters are added to any SMTP command.

3. The STARTTLS Keyword

   The STARTTLS keyword is used to tell the SMTP client that the SMTP
   server is currently able to negotiate the use of TLS.  It takes no
   parameters.

4. The STARTTLS Command

   The format for the STARTTLS command is:

   STARTTLS

   with no parameters.

   After the client gives the STARTTLS command, the server responds with
   one of the following reply codes:

   220 Ready to start TLS
   501 Syntax error (no parameters allowed)
   454 TLS not available due to temporary reason




Hoffman                     Standards Track