ietf-nntp 502 response
Clive D.W. Feather
clive at demon.net
Mon Jan 7 01:37:57 PST 2002
Andrew Gierth said:
> Clive> Under what circumstances do real servers return 502 ?
> >> on connect, or after a failed AUTHINFO exchange, nowhere else.
Is that your server, or can you really speak for all common servers ?
> Clive> It's given as a response for MODE READER
> actually that one is in line with existing practice;
I don't have a problem with this.
> Clive> and as a generic code meaning "you're not authorised to use
> Clive> this facility" (a possible example of this might be GROUP with
> Clive> a restricted-access group).
> This one is very marginal. Existing practice is to respond "no such
> group" if the user does not have access to the group.
The example was my own. But 502 is a generic response in section 4.1.1.
> I don't like the current description of 502 because if permission for
> something is denied, normally one would expect that only
> authentication would change that condition, implying that the response
> should have been 480 in the first place.
>
> I think we need to include 480 in this document even though we can't
> incorporate the rest of the authentication stuff, because otherwise
> authentication would break the "server MUST NOT produce any other
> responses to a client that does not invoke any of the additional
> features" rule.
That's a good point.
> Clive> Does anyone have a server that uses 502 for "something broke" ?
> Clive> Do we need a "something broke" generic code ?
> that's what 503 is used for in existing practice
Hmm. We've documented 503 as "I don't support this and I don't plan to".
--
Clive D.W. Feather | Work: <clive at demon.net> | Tel: +44 20 8371 1138
Internet Expert | Home: <clive at davros.org> | Fax: +44 20 8371 4037
Demon Internet | WWW: http://www.davros.org | Mobile: +44 7973 377646
Thus plc | |
More information about the ietf-nntp
mailing list