ietf-nntp RFC977bis w.r.t. authentication

Larry Osterman (Exchange) larryo at Exchange.Microsoft.com
Tue May 5 15:26:51 PDT 1998


As far as I know, the IEGS is requiring that ALL standardized protocols have
security.  Especially the application protocols.



Larry Osterman
Sent from larryo-laptop.dns.microsoft.com running NT5 and Outlook 98 and
Exchange Server 5.5.  Please notify the sender of any difficulties


-----Original Message-----
From: Brian Kantor [mailto:brian at karoshi.ucsd.edu]
Sent: Tuesday, May 05, 1998 2:50 PM
To: ietf-nntp at academ.com
Subject: Re: ietf-nntp RFC977bis w.r.t. authentication


So is the IESG requiring people to add authentication to protocols
which don't have any?

NNTP didn't, and for the majority of installations, still doesn't use any.
Most NNTP sites use the DNS for authorization, and don't really care who
is accessing them as long as they're in the right domain or netblock.

My claim is that AUTHINFO is a non-standard addition to the protocol,
since each of the various implementations does it differently.

I still think that NNTP Authentication is better left to a separate
document.
That can be standardised when there is some concensus achieved.

I'll shut up now.
	- Brian



More information about the ietf-nntp mailing list