ietf-nntp TLS and AUTHINFO interaction
Russ Allbery
rra at stanford.edu
Mon Mar 17 12:43:24 PST 2003
Jeffrey M Vinocur <jeff at litech.org> writes:
> Question as I consider how to phrase the revision suggested above. The
> existing text in question reads
> The server MUST discard any knowledge obtained from the client, such
> as the result of a previous authentication, which was not obtained
> from the TLS negotiation itself.
> If we disallow previous authentication, is there *any* knowledge that
> needs to be discarded, or should this whole sentence be removed?
I think it's worth keeping that bit in there and just changing the example
to instead be something like:
The server MUST discard any knowledge obtained from the client, such
as the current group and article number, which was not obtained from
the TLS negotiation itself.
That's certainly much less security-sensitive, but I think it makes the
point well enough, namely that any information received before negotiation
of TLS should be treated with suspicion.
> The only thing that could potentially be a true problem is if someone
> wants to *require* authentication before allowting STARTTLS. It's hard
> to come up with a realistic scenario for this (uh, I guess if TLS
> negotiation is expensive, the admin might want to put some sort of
> authentication step in front of it?) but if anybody else has a good
> one...
I can't think of one off-hand.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the ietf-nntp
mailing list