ietf-nntp TLS and AUTHINFO interaction
Russ Allbery
rra at stanford.edu
Mon Mar 17 19:38:17 PST 2003
Jeffrey M Vinocur <jeff at litech.org> writes:
> I was planning on lumping the already-authenticated state in with the
> already-established-TLS state; in both cases STARTTLS would not appear
> in list extensions, the client would be expected to know not to try it,
> and any attempt to try it would be met with 500. The two cases seem
> very similar to me.
Hm... is it kosher to have LIST EXTENSIONS change after authentication?
It seems like we're asking the client to use LIST EXTENSIONS a lot, since
it's supposed to use that first to check to see if AUTHINFO SASL or
STARTTLS are supported too....
Having LIST EXTENSIONS change bothers me vaguely, although I know that the
client does need to reissue after STARTTLS for other reasons, and I guess
for STARTTLS at least that this is the way other protocols have done it.
But if we could avoid making the client reissue LIST EXTENSIONS after
authentication, I think I'd prefer it. Hm. But I guess I don't have that
strong of an opinion.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the ietf-nntp
mailing list