ietf-nntp TLS cipher renegotiation to NULL cipher

Ken Murchison ken at oceana.com
Wed Feb 12 07:10:42 PST 2003


Charles Lindsey wrote:
> 
> There seems to be a total lack of understanding in other communities of
> the sheer volume carried by large NNTP servers. And the idea that they
> should spend money on installing hardware encryptors for material that
> never needed encrypting in the first place - well my mind just boggles.


I'm not going to get into a pissing match, although I tend to be good at
it.  Here's my position on this, which is in the interest of making
progress without closing any doors.

Given the fact that there aren't _any_ documented standards regarding
the use of TLS and SASL in NNTP, not to mention _any_ interoperable
implementations, how can anyone say with any level of certainty that
TLS/PLAIN will or will not be a realistic approach for NNTP?  You may be
entirely correct in your assertion that we're all clueless and that
using TLS to encrypt entire NNTP connections will simply bring Usenet to
a screeching halt, but until there is some actual working code and some
hard evidence, let's defer judgement.

_Nothing_ that is being proposed at this point will hinder/prevent a
solution which best fits the needs of this community.  Think of TLS and
SASL as a platform or framework on which solutions can be built. 
Between the two, we have a lot of flexibility, and I'm sure that we can
find solution(s) that will work for everybody.

<rant>

It appears from the incredible pace at which the other work products of
the NNTP-related WGs are proceeding, that there tends to be a habit of
trying to find solutions to problems that don't yet exist or
bickering/obsessing on details that can be resolved after testing. 
Let's not do that here.  Also, blindly dismissing the advice of others
that have been there and done that (e.g., IMAP, SMTP, POP) will probably
continue to stunt progress of this WG and/or make it difficult to get
anything past the IETF/IESG.

Now, let's get some friggin' drafts out the door and get some
implementations to test with.  Cyrus is already done, I just need some
text to be compliant with.  Rome wasn't built in a day, but they sure as
shit laid a few bricks once in a while.

</rant>
-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp


