ietf-nntp Response code issues
Jeffrey M. Vinocur
jeff at litech.org
Mon Mar 31 14:29:54 PST 2003
On Mon, 31 Mar 2003, Clive D.W. Feather wrote:
> Jeffrey M. Vinocur said:
>
> > The intent as written (can you be more specific about what's unclear so I
> > can revise it?) is that 483 could be returned in response to any command
> > should the server wish to indicate that encryption is required for that
> > command.
>
> But it never actually says that.
"An NNTP server MAY respond to any client command with a 483 response"
But you're right that the section title is kinda confusing. Perhaps
something like "New Generic Response Code" would be better?
> You've got a heading "Authentication response codes", which implies
> we're talking about authentication. Except that we're not.
Yeah, it's left over from the old combined draft.
> > Now, in practice, this is most likely to be AUTHINFO. But ?Russ described
> > a scenario in which authentication is not necessary, but encryption is
> > desired for a particular group. So while we *could* restrict 483 to being
> > returned by AUTHINFO, I think that might be unnecessarily restrictive.
>
> What bothers me is that we're rapidly introducing a situation where each
> extension has a generic response code *for core commands* effectively
> meaning "you can't do this until you've invoked this extension". First it
> was 480 for authorisation, now 483 for encryption. What next? Please don't
> say there won't be a next, because I'm skeptical in the extreme.
>
> I could about swallow adding 480, because we've already got x8x for
> authorisation, and the distinction between 480 and 502 is worth it. But I'm
> very unhappy about this proliferation. I think more, and wider, debate is
> needed.
Believe me, I'd be happy to have wider debate -- I can't do anything that
will get anyone to speak up!
I see your point, though, and I'm not sure what to do about it.
--
Jeffrey M. Vinocur
jeff at litech.org
More information about the ietf-nntp
mailing list