ietf-nntp AUTHINFO (was: Commetns on draft-15.pdf)

[Russ Allbery]

Charles Lindsey <chl at clw.cs.man.ac.uk> writes:

> P62. S14.3 (Authentication)

> We took AUTHINFO out of an earlier draft, because it was not well enough
> understood. Are we in a position to bring it back yet? In this section
> we are apparently "strongly encouraging" people to use it, but we do not
> say how.

We took AUTHINFO out because it belongs in a separate draft and the
existing clear-text password mechanism will not meet IETF scrutiny.  This
remains true and authentication still belongs in a separate document.
It's far too complicated to try to address as part of this document, and
is also optional for many news servers.

The current wording does not strongly encourage people to use it.  It
strongly encourages server authors to include it, which is a different
thing.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>