ietf-nntp Virtual hosts in NNTP servers

Rob Siemborski rjs3 at andrew.cmu.edu
Tue Feb 25 12:23:45 PST 2003


On Tue, 25 Feb 2003, Russ Allbery wrote:

> One could, as you mention, define a new extension for this, but honestly
> it would be easier to change the clients to use SASL ANON to authenticate
> and give a domain than it would be to add yet a new command, once SASL is
> the way that authentication is done for news.  And in the interim, one
> could pretty easily modify the clients to send USER/PASS using AUTHINFO,
> more easily than modify them to send a new command.

SASL ANONYMOUS won't work for this, since it specifically disallows
attaching *any* information to the "anonymous" authorization identity (or
the associated logging text).

That is, SASL ANONYMOUS won't give you anonymous at realm, it will just give
you anonymous.  This was recently discussed on the ietf-sasl list.

-Rob

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski | Andrew Systems Group * Research Systems Programmer
PGP:0x5CE32FCC | Cyert Hall 207 * rjs3 at andrew.cmu.edu * 412.268.7456
-----BEGIN GEEK CODE BLOCK----
Version: 3.12
GCS/IT/CM/PA d- s+: a-- C++++$ ULS++++$ P+++$ L+++(++++) E W+ N o? K-
w O- M-- V-- PS+ PE++ Y+ PGP+ t+@ 5+++ R@ tv-@ b+ DI+++ G e h r- y?
------END GEEK CODE BLOCK-----




More information about the ietf-nntp mailing list