ietf-nntp TLS and AUTHINFO interaction
Russ Allbery
rra at stanford.edu
Sun Mar 16 23:26:14 PST 2003
Jeffrey M Vinocur <jeff at litech.org> writes:
> On Mon, 3 Mar 2003, Ken Murchison wrote:
>> - section 4.3: Instead of flushing the authentication info, why not
>> just say that the STARTTLS command is only valid in the
>> non-authenticated state (didn't we already decide that we shouldn't
>> allow multiple authentications)? RFC 2595 does this.
> People?
I generally agree with Ken, but there's one problem that comes to mind.
Suppose that a server generally requires authentication for everyone. It
also has a particular newsgroup that requires transport security (maybe it
contains confidential corporate information or something).
What happens when someone connects, authenticates as normal, reads some
Big Eight news without encryption (since it's all public data anyway), and
then tries to read that private internal group?
If we disallow STARTTLS after authentication, that client would have to
disconnect and then reconnect with STARTTLS at first.
I don't think this is that common of a problem, but on the other hand it
does seem like we could allow for it by flushing the authentication data
after STARTTLS. But I don't feel strongly about it.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the ietf-nntp
mailing list