ietf-nntp RFC977bis w.r.t. authentication

Larry Osterman (Exchange) larryo at Exchange.Microsoft.com
Tue May 5 16:36:00 PDT 1998


> > Some text regarding the encoding of the arguments to AUTHINFO GENERIC is
> > probably appropriate, personally I'd suggest BASE64 encoding (mostly
because
> > NNTP is a 7bit protocol and since the SASL packages toss around
arbitrary
> > binary data, it makes sense, and partly because that's what the MS
servers
> > have done :-)).
> 
> Is this already covered in other encoding chatter in the spec?

NNTP is an 8bit protocol in this spec.
************

As I posted earlier, I doubt it's 8bit enough.  Can it handle arbitrary CRLF
sequences in protocol elements?  Can it handle NULs in protocol elements?

The point is that authentication protocols have a nasty tendency of
generating a LOT of variible length binary data.  So you HAVE to define how
the SASL data is wrapped.  I know of 2 ways of doing this used by other
protocols.  LDAP BER encodes the binary data and transfers it that way
(which is reasonable since it's an ASN.1 protocol).  The other way is to
base64 the data and send the binary blobs as CRLF delimited strings (POP,
IMAP, and SMTP-AUTH) do this.

Since NNTP is a text protocol I'd STRONGLY suggest the latter.



More information about the ietf-nntp mailing list