ietf-nntp Currently outstanding issues
Clive D.W. Feather
clive at demon.net
Fri May 2 08:28:02 PDT 2003
Jeffrey M. Vinocur said:
> Here's the text:
>
> | [... man-in-the-middle attacks ...] An NNTP client can partially
> | protect against these attacks by recording the fact that a particular
> | NNTP server offers TLS during one session and generating an alarm if it
> | does not appear in the LIST EXTENSIONS response for a later session.
That doesn't use the word "caching", and it isn't caching, so I feel that
that wording is fine.
> So I'm trying to decide if the second sentence from 5.3.2 above is the
> (normative) definition of "use in another session", or just a (n
> informative) clarification.
Doesn't matter - the whole point of what you're doing is that the copy
you're storing *isn't* the "correct and current information".
--
Clive D.W. Feather | Work: <clive at demon.net> | Tel: +44 20 8495 6138
Internet Expert | Home: <clive at davros.org> | *** NOTE CHANGE ***
Demon Internet | WWW: http://www.davros.org | Fax: +44 870 051 9937
Thus plc | | Mobile: +44 7973 377646
More information about the ietf-nntp
mailing list