ietf-nntp RFC977bis w.r.t. authentication
Brian Hernacki
bhern at netscape.com
Wed May 13 09:25:29 PDT 1998
Chris Newman wrote:
>
> On Thu, 7 May 1998, Brian Hernacki wrote:
> > Just to add my two cents, I think the right thing to do is document the
> > existing AUTHINFO scheme (which I would say is AUTHINFO USER/PASS) and
> > do a seperate document to define AUTHINFO GENERIC.
>
> The IESG requires that if we include an authentication mechanism of any
> sort, we include a fully-specified one that does not send an unencrypted
> plaintext password over the wire. Thus your proposal can't be
> standardized.
We're not writing a new protocol, but just clarifying an existing one.
Our charter is pretty specific about this.
--brian
Opinions are mine, not Netscape's
More information about the ietf-nntp
mailing list