[ietf-nntp] Initial greeting 400 v 502
Russ Allbery
rra at stanford.edu
Thu Dec 18 10:28:02 PST 2003
Clive D W Feather <clive at demon.net> writes:
> If the server is not going to offer service, it MUST present a 400 or
> 502 and close the connection. The draft says:
> 502 MUST be used if the client is not permitted under any
> circumstances to interact with the server and 400 otherwise.
> The intent was that 502 meant things like "you're not a customer" and
> 400 meant things like "limit on total simultaneous connections
> reached". But what about "limit on connections from this IP address
> reached". 400 would be the more sensible code for this.
> However, says the poster, what if the limit is being tracked in an
> authentication subsystem that is separate from the server and just
> returns a yes/no answer? What response should be used then?
> My inclination is to adjust the wording so that such a limit fits in
> 502. That is, 400 means that a simple sleep-then-retry loop will, in
> principle, eventually succeed while 502 means that something external to
> this link must happen (either server configuration needs to change, or
> the client needs to drive a third party - treating a second
> client-server link as such a third party - to do something).
> Anyone have a problem with that approach? If not, can anyone think of
> better wording?
How about this:
400 SHOULD be used if the client is only temporarily not permitted to
interact with the server (because of load, for example). 502 MUST be
used if the client is not permitted under any circumstances to
interact with the server, or if the server does not have sufficient
information to determine whether the denial of authorization is
temporary or permanent.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the ietf-nntp
mailing list