ietf-nntp Virtual hosts in NNTP servers
Jeffrey M. Vinocur
jeff at litech.org
Wed Feb 26 17:05:13 PST 2003
On Wed, 26 Feb 2003, Russ Allbery wrote:
> Joao Prado Maia <jpm at papercut.org> writes:
>
> > They will obviously ask the reason for them needing to enter an
> > 'anonymous' type user and mark 'My server requires authentication' in
> > something that doesn't really require authentication - that's the
> > definition of anonymous access, after all.
>
> It's a hack, but it's a hack that's also widely used by other protocols
> with this same issue.
On the other hand, the fact that it requires every user configuring
another option is a tad ugly.
> I don't think anyone's saying that a HOST command
> wouldn't be cleaner, just that it turns out not to be strictly necessary.
I agree it's not necessary, but for different reasons :-)
I'm still not convinced that virtualhosting like this is really that
useful. I mean, if an anonymous connection from a particular IP is going
to be able to access certain groups with one hostname, and certain other
groups on the other hostname, I really don't see the benefit to separating
them -- if anything, it's a bit reminiscent of security-by-obscurity. The
only case where this wouldn't work is if newsgroup names aren't unique
across virtualhosts (e.g. if you have two *different* local.support
groups, or something), but I can't imagine any server has support for that
either. In other words, the *content* of the servers is never
conflicting, so the union of access permissions would work just fine.
On the other hand, if the consensus is that the view I describe above is
silly (and I'm certainly not passionate about this!), I'd say it's worth
making an extension for this.
> I have no objections to someone writing up a HOST extension that behaves
> as you specify.
Since I'm going to have to resubmit the STARTTLS draft after IETF, it
seems, I can probably have this done by then as well.
I'll separate it out from the STARTTLS stuff into a separate document, I
think. The more the merrier, right?
--
Jeffrey M. Vinocur
jeff at litech.org
More information about the ietf-nntp
mailing list