Document: draft-daboo-srv-email-02.txt Reviewer: Suresh REview Date: 9/18/2009 IETF LC Date: 9/17/2009 For background on Gen-ART, please see the FAQ at . Please resolve these comments along with any other Last Call comments you may receive. Summary: This draft is almost ready for publication as Proposed Standard, but I have a few comments. Major ===== * It is not clear how this draft applies to the case where the username on the mail server is neither the email address or the local part of the email address. In particular, the draft does not specify what happens when both these alternatives fail. I think a fallback needs to be specified on the client guidance. Something like "If both these user identifiers result in an authentication failure, the mail client MUST prompt the user to manually enter the user identifier and use it for further authentication attempts." would clarify the fallback scenario. Minor ==== * RFC4366 has been obsoleted by RFC5246. Unless there is a specific reason for this draft to use TLS 1.1 this must be updated. * Section 5b: How do the service providers install a certificate that matches the email domain name that the client used? Maybe a reference to RFC2595 may be useful here?