ietf-nntp TLS response codes

Ken Murchison ken at oceana.com
Thu Mar 20 10:01:20 PST 2003


Russ Allbery wrote:
> 
> Clive D W Feather <clive at demon.net> writes:
> > Russ Allbery said:
> 
> >> For using STARTTLS after encryption is already active, we're removing
> >> STARTTLS from the available extensions after it successfully completes,
> >> right?  That would indicate that 500 is the right error code to use;
> >> after all, it's no longer a recognized command.
> 
> > Disagree, and I think this sends the wrong message. Surely it's 502:
> 
> >     If the client is not authorized to use the specified facility
> >     when the server is in its current state, the response code
> >     502 MUST be returned.
> 
> Okay, yes, good point.  I agree, 502 would be better.


Would this same code also apply to a reauth attempt when the server
doesn't allow it?

-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp



More information about the ietf-nntp mailing list