ietf-nntp My notes from the NNTP WG meeting at the 37thIETF
Rich Salz
rsalz at osf.org
Fri Dec 20 11:42:10 PST 1996
At the time Chris proposed the groundwork for AUTHINFO GENERIC, I was
running out of energy to work on INN. I reviewed, and reshaped, the
protocol and his document.
The intent was that AUTHINFO LIST show you what crypto-mechs were
supported by the server, and the client picks one. AUTHINFO GENERIC
was intended to be a really simple mapping right onto GSSAPI.
By the time the code and "spec" got out there, I had given up almost all
work on NNTP. I also didn't know enough about SASL, but at the time
AG :) was only lagging about two months behind SASL. John ran really
hard with his implementation, etc., so the gap is now probably six
months in terms of finish AG, quality of implementation, etc. I don't
know what's the better course of action, primarily because I don't know
much about SASL. For example, does it include negotiation that is not
suspect to man-in-the-middle downgrading? (I.e., it's not CAT-IETF SNEGO?)
/r$
More information about the ietf-nntp
mailing list