ietf-nntp AUTHINFO SASL protocol choices
Jeffrey M. Vinocur
jeff at litech.org
Tue Apr 2 08:58:44 PST 2002

On Tue, 2 Apr 2002, Charles Lindsey wrote:
> In <Pine.LNX.4.33.0203302127330.24120-100000 at marduk.litech.org> "Jeffrey M. Vinocur" <jeff at litech.org> writes:
>
> >1. Do we want to instruct/permit servers to limit the amount of data
> > sent in this fashion?
>
> If a server sees a command line longer than it cares to handle (512 or
> whatever) then I suppose it can ignore the excess and return a suitable
> 5xx response, giving the client an opportunity to try a more sensible
> approach.

Fine. Is there consensus on this going into the base spec?

> Or else it can drop the connection (I think it is the server's
> choice).

Eh, ok.

> But if the server receives more than it cares to accept
> during a multiline command, then dropping the connection is its only
> real option (it is no different than when the client tries to POST a
> 200MB article which exceeds whatever limit the server accepts).

Agreed.

> > It sounds like the SASL spec will put a hard limit on this, which
> > is great.
>
> Then one hopes it will be a smallish limit. If you can do an unforgeable
> PGP signature in 1024 octets, then it should not be beyond the wit of man
> to devise a satisfactory SASL negotiation in a similar amount.

Yeah. Any nontrivial length is guaranteed to be sufficient; if a response
needs more than will fit, the mechanism can specify a way to fragment the
response into appropriately sized pieces. The only issue is picking a
size large enough to avoid most extra roundtrips, and they seem to think
64 K is necessary. *shrug*
--
Jeffrey M. Vinocur
jeff at litech.org
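
The two server behaviours discussed in this message, as an added example that is not part of the original post or of any NNTP implementation: an over-long command line is read in bounded pieces, discarded, and answered with a 5xx, while an over-long multiline block ends the connection. The 501 code, the 8192-octet drain limit, the 64 K multiline cap and all function names are assumptions made for illustration.

```python
import io

MAX_COMMAND = 512            # octets per command line, the figure floated in the thread
MAX_MULTILINE = 64 * 1024    # assumed cap on a whole multiline block

class DropConnection(Exception):
    """Signals that the server should close the connection."""

def read_command(stream, limit=MAX_COMMAND, drain_limit=8192):
    """Return (line, None), or (None, response) when the line is too long."""
    line = stream.readline(limit)          # never buffers more than `limit`
    if not line:
        raise DropConnection("client closed the connection")
    if line.endswith(b"\n"):
        return line.rstrip(b"\r\n"), None
    drained = len(line)
    while True:                            # ignore the excess up to the line end
        chunk = stream.readline(limit)
        if not chunk:
            raise DropConnection("EOF inside over-long command")
        drained += len(chunk)
        if chunk.endswith(b"\n"):
            # 501 is an assumed code; the thread only says "a suitable 5xx"
            return None, b"501 Command line too long\r\n"
        if drained > drain_limit:          # the other choice: just hang up
            raise DropConnection("command line far beyond limit")

def read_multiline(stream, limit=MAX_MULTILINE):
    """Read a dot-terminated block; over the limit there is no reply to give."""
    total, body, at_line_start = 0, [], True
    while True:
        chunk = stream.readline(MAX_COMMAND)
        if not chunk:
            raise DropConnection("EOF inside multiline block")
        if at_line_start and chunk in (b".\r\n", b".\n"):
            return b"".join(body)          # dot-unstuffing omitted for brevity
        total += len(chunk)
        if total > limit:
            raise DropConnection("multiline block exceeds limit")
        body.append(chunk)
        at_line_start = chunk.endswith(b"\n")

# Constructed input: one over-long command followed by a normal one.
SAMPLE = io.BytesIO(b"AUTHINFO SASL " + b"A" * 2000 + b"\r\nQUIT\r\n")
```

Because the excess is drained up to the line terminator before the 5xx is sent, the next `read_command` call on `SAMPLE` returns the following command intact, which is what gives the client its chance to retry.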