ietf-nntp Re: WG Review: Simple Authentication and Security Layer
(sasl)
Ken Murchison
ken at oceana.com
Fri Dec 20 09:17:08 PST 2002
"Jeffrey M. Vinocur" wrote:
>
> On Fri, 20 Dec 2002, Ken Murchison wrote:
>
> > Maybe its just me, but you seem to be projecting your particular
> > implementation and its pros/cons on the entire community. I'm sure that
> > there are plenty of ISPs that can successfully provide secure
> > authentication without the *NEED* for a DSS-type mechanism. As I've
> > stated before, I can definitely see a fit for such a mechanism, but you
> > make it sound like nothing can be done without it.
>
> Mmm, I think Andrew's assessment of the needs of the NNTP community is
> more accurate than you realize. For example, the RADIUS authenticator
> that comes with INN is only marginally younger than the implementation of
> pluggable authentication itself, and judging by the periodic patches we
> receive, it's definitely being used in a fair number of different places.
I don't doubt that its accurate. What I'm trying to say (apparently
poorly ;) is that the entire SASL world, both inside and outside of
NNTP, is not dependent upon a DSS-style mech. SASL itself and the NNTP
profile can and should continue to move forward even in the absence of
such a mech.
Once again, probably much to Russ' dismay, we're rehashing the same
stuff. ;)
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list