ietf-nntp 502 response

[Clive D.W. Feather]

Andrew Gierth said:
>  Clive> Under what circumstances do real servers return 502 ?
>  >> on connect, or after a failed AUTHINFO exchange, nowhere else.

Is that your server, or can you really speak for all common servers ?

> Clive> It's given as a response for MODE READER
> actually that one is in line with existing practice;

I don't have a problem with this.

>  Clive> and as a generic code meaning "you're not authorised to use
>  Clive> this facility" (a possible example of this might be GROUP with
>  Clive> a restricted-access group).
> This one is very marginal. Existing practice is to respond "no such
> group" if the user does not have access to the group.

The example was my own. But 502 is a generic response in section 4.1.1.

> I don't like the current description of 502 because if permission for
> something is denied, normally one would expect that only
> authentication would change that condition, implying that the response
> should have been 480 in the first place.
> 
> I think we need to include 480 in this document even though we can't
> incorporate the rest of the authentication stuff, because otherwise
> authentication would break the "server MUST NOT produce any other
> responses to a client that does not invoke any of the additional
> features" rule.

That's a good point.

>  Clive> Does anyone have a server that uses 502 for "something broke" ?
>  Clive> Do we need a "something broke" generic code ?
> that's what 503 is used for in existing practice

Hmm. We've documented 503 as "I don't support this and I don't plan to".

-- 
Clive D.W. Feather  | Work:  <clive at demon.net>   | Tel:  +44 20 8371 1138
Internet Expert     | Home:  <clive at davros.org>  | Fax:  +44 20 8371 4037
Demon Internet      | WWW: http://www.davros.org | Mobile: +44 7973 377646
Thus plc            |                            |