ietf-nntp Response code issues
Clive D.W. Feather
clive at demon.net
Mon Mar 31 04:04:49 PST 2003
Jeffrey M. Vinocur said:
> > The only problem is if 483 can be returned to a client that has not invoked
> > anything outside the main NNTP specification. Is that so?
>
> The intent as written (can you be more specific about what's unclear so I
> can revise it?) is that 483 could be returned in response to any command
> should the server wish to indicate that encryption is required for that
> command.
But it never actually says that. You've got a heading "Authentication
response codes", which implies we're talking about authentication. Except
that we're not. You need to be more explicit that *any* client command,
from the base specification or any other extension, can return this code.
> Now, in practice, this is most likely to be AUTHINFO. But ?Russ described
> a scenario in which authentication is not necessary, but encryption is
> desired for a particular group. So while we *could* restrict 483 to being
> returned by AUTHINFO, I think that might be unnecessarily restrictive.
What bothers me is that we're rapidly introducing a situation where each
extension has a generic response code *for core commands* effectively
meaning "you can't do this until you've invoked this extension". First it
was 480 for authorisation, now 483 for encryption. What next? Please don't
say there won't be a next, because I'm skeptical in the extreme.
I could about swallow adding 480, because we've already got x8x for
authorisation, and the distinction between 480 and 502 is worth it. But I'm
very unhappy about this proliferation. I think more, and wider, debate is
needed.
>> 480 should mean "you could try authenticating" while 502 should mean "this
>> connection will never have access".
> Indeed -- I'm just not sure a strict reading of the text you had conveyed
> that accurately. I'm sure you'll clarify it adequately.
I have a rewording in the pipeline.
--
Clive D.W. Feather | Work: <clive at demon.net> | Tel: +44 20 8495 6138
Internet Expert | Home: <clive at davros.org> | *** NOTE CHANGE ***
Demon Internet | WWW: http://www.davros.org | Fax: +44 870 051 9937
Thus plc | | Mobile: +44 7973 377646
More information about the ietf-nntp
mailing list