ietf-nntp AUTHINFO SASL protocol choices
Charles Lindsey
chl at clw.cs.man.ac.uk
Thu Apr 4 05:05:05 PST 2002
In <yl66381u78.fsf at windlord.stanford.edu> Russ Allbery <rra at stanford.edu> writes:
>Charles Lindsey <chl at clw.cs.man.ac.uk> writes:
>> No, I don't *shrug*. There is something seriously wrong with a system
>> which requires you to pass 64K just to authenticate yourself, in order
>> that you may then post a couple of articles amounting to maybe 2K. Talk
>> about the tail wagging the dog :-) .
>I think it's fairly sound protocol design to set a large upper limit. I
>don't know how they arrived at that particular number, but if I were doing
>so, I'd follow some logic chain like this:
Yes, but it is well known that if enough people independently supply their
own "factor of safety", then you can easily arrive at any outrageous
result.
I think the point is this. If the SASL people can specify a modest, but
reasonable, upper bound (say 4096), then we can define a mechanism that
does the whole thing in the headers.
But if their upper bound is to be over that reasonable amount, then we
shall have to define (and people will have to implement) a mechanism with
an 'escape' to multiline, even though it is most unlikely it would ever be
needed in real life.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131 Fax: +44 161 436 6133 Web: http://www.cs.man.ac.uk/~chl
Email: chl at clw.cs.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
More information about the ietf-nntp
mailing list