[NNTP] When to use 440 for POST?
Julien ÉLIE
julien at trigofacile.com
Thu Jun 24 08:17:55 PDT 2010
> In Section 6.3.1.3 of RFC 3977:
>
> Example of an attempt to post when posting is not allowed:
>
> [Initial connection set-up completed.]
> [S] 201 NNTP Service Ready, posting prohibited
> [C] POST
> [S] 440 Posting not permitted
>
>
> There is an edge-case with Section 2.2 of RFC 4643:
>
> Note that a server may perform a successful authentication exchange
> with a client and yet still deny access to some or all resources; the
> permanent 502 response indicates that a resource is unavailable even
> though authentication has been performed (this is in contrast to the
> temporary 480 error, which indicates that a resource is unavailable
> now but may become available after authentication).
>
> Does the following suggestion is right when POST is not allowed
> for the connected (and/or authentified) user?
> INN currently always answers 440 but it seems to be a bug.
For what is worth, the reference NNTP implementation always answers 440
(or 480) when the user cannot post.
But it still seems weird. RFC 4643 mentions that 502 is the right response
code, and not 440.
I'm still confused about the use of 440 and 502. Especially in the three
above cases where 440 and 502 are used.
INN 2.5.2 uses:
* greeting = 200
POST => 480 (440 was returned in INN 2.5.1 and below)
we authenticate
POST => 502
* greeting = 201
POST => 440
we authenticate anyway
POST => 440
Is it really what the protocol expects to do?
--
Julien ÉLIE
« Un sourire coûte moins cher que l'électricité
mais donne autant de lumière. » (Abbé Pierre)
More information about the ietf-nntp
mailing list