ietf-nntp TLS and AUTHINFO interaction

[Russ Allbery]

Harmeet Bedi <harmeet at kodemuse.com> writes:

> Here is a scenerio.
> - NNTPReader authenticates securely over plain socket and then upgrades to
> TLS for a secure channel.
> - TLS does not do mutual authentication and server already knows Reader
> identity.

The whole idea is basically that you're not supposed to do that.  You're
supposed to upgrade to TLS right away if you're going to use it, before
you authenticate.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>