ietf-nntp Server response length limits
Jeffrey M. Vinocur
jeff at litech.org
Wed Mar 13 07:12:25 PST 2002
On 13 Mar 2002, Andrew Gierth wrote:
> >>>>> "Jeffrey" == Jeffrey M Vinocur <jeff at litech.org> writes:
>
> Jeffrey> The reason I asked the above was because we're running into
> Jeffrey> issues with the line lengths, as SASL sometimes likes to put
> Jeffrey> data in the initial command of the exchange.
>
> Is it actually necessary for this info to be in the form of
> single-line responses rather than multi-line ones (which _do_ allow
> lines of unlimited length)?
>
> otherwise your approach seems reasonable
The trouble is we need to exchange data both directions. If people are
interested, I will enumerate *all* of the schemes I've been able to come
up with, and you can comment.
> Is there any likelyhood of a SASL scheme showing up that allows for
> third-party authentication via an existing protocol?
- There's no reason in principle it can't be done. You want
a security layer negotiated (on they fly, like SSL) to
protect the password, and then dropped as soon as the
authentication phase is done. (All of this would be
hidden by SASL, of course.)
- I'm an NNTP person, not a SASL person...I have no idea if
anybody's working on this. It doesn't seem tremendously
difficult, though; I might be willing to work on it once
the AUTHINFO scheme is done.
- I agree we need one for news. Note however that using
SASL with only the mechanisms available is a strict improvement
over the current situation. (And it provides room to do
something like I describe above in the future.)
--
Jeffrey M. Vinocur
jeff at litech.org
More information about the ietf-nntp
mailing list