ietf-nntp Draft 20 pre-release 2
Rob Siemborski
rjs3 at andrew.cmu.edu
Fri Oct 10 06:24:32 PDT 2003
On Fri, 10 Oct 2003, Clive D.W. Feather wrote:
> > This is highly unacceptable behavior that I strongly suspect will not make
> > it past the IESG. The only solution to this is to keep the text of 5.3
> > and not encourage implementations to cache results at any point in the
> > document (remove 11.6, or replace with a strong anti-caching stance).
>
> I don't understand your vehemence here. We agreed a month or so back that
> security issues were different and caching had to be thought through
> carefully in that respect.
As Russ noted, I wasn't a part of those discussions.
My vehemence is because I suspect that the current text is open to wild
misinterpretation. I suspect even if you fix it for "some caching is
okay and some caching is never ok" it will still be likely to be confused
in dangerous ways.
> [C] LIST EXTENSIONS MOREINFO
> [S] 202 Extensions list with more information
> [S] + AUTHINFO USER
> [S] ! SASL CRAM-MD5 NTLM DIGEST-MD5 PLAIN
> [S] - SASL CRAM-MD5 NTLM DIGEST-MD5
> [S] + STREAMING
> [S] - STARTTLS
> [S] .
>
> where:
>
> + = this extension is always available
> ! = this extension is available now, but not in some other states
> - = this extension is available in some other states, but not now
>
> and to which we could perhaps add:
>
> ? = this extension is available now, but not in some other states;
> for security reasons clients MUST NOT cache this information
Is this optimization really worth this much additional complexity?
-Rob
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski | Andrew Systems Group * Research Systems Programmer
PGP:0x5CE32FCC | Cyert Hall 207 * rjs3 at andrew.cmu.edu * 412.268.7456
-----BEGIN GEEK CODE BLOCK----
Version: 3.12
GCS/IT/CM/PA d- s+: a-- C++++$ ULS++++$ P+++$ L+++(++++) E W+ N o? K-
w O- M-- V-- PS+ PE++ Y+ PGP+ t+@ 5+++ R@ tv-@ b+ DI+++ G e h r- y?
------END GEEK CODE BLOCK-----
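An added example, not part of the original message or of any NNTP specification or library: a client-side parser for the MOREINFO markers proposed in the quoted text, showing which entries are usable in the current state and which may be retained, with `?` lines never stored. The function names and the sample response (the thread's example with PLAIN moved to a `?` line) are constructed for illustration.

```python
# Added illustration of the *proposed* MOREINFO markers from this thread.
# Names below are hypothetical; this is not an existing NNTP client API.
from dataclasses import dataclass

USABLE_NOW = {"+", "!", "?"}   # markers meaning "available in the current state"
NEVER_CACHE = {"?"}            # proposal: clients MUST NOT cache these

@dataclass(frozen=True)
class Entry:
    marker: str
    name: str
    args: tuple

def parse_moreinfo(lines):
    """Parse a dot-terminated MOREINFO response into Entry records."""
    if not lines or not lines[0].startswith("202"):
        raise ValueError("expected a 202 status line")
    entries = []
    for raw in lines[1:]:
        line = raw.rstrip("\r\n")
        if line == ".":
            return entries
        marker, _, rest = line.partition(" ")
        fields = rest.split()
        if marker not in {"+", "!", "-", "?"} or not fields:
            raise ValueError(f"malformed extension line: {line!r}")
        entries.append(Entry(marker, fields[0], tuple(fields[1:])))
    raise ValueError("response not terminated by '.'")  # truncated: trust nothing

def usable_now(entries):
    return [e for e in entries if e.marker in USABLE_NOW]

def cacheable(entries):
    """Entries a client may retain; '?' lines are dropped, never stored."""
    return [e for e in entries if e.marker not in NEVER_CACHE]

# Constructed sample: the thread's example with PLAIN moved to a '?' line.
SAMPLE = [
    "202 Extensions list with more information",
    "+ AUTHINFO USER",
    "! SASL CRAM-MD5 NTLM DIGEST-MD5",
    "? SASL PLAIN",
    "+ STREAMING",
    "- STARTTLS",
    ".",
]

if __name__ == "__main__":
    print([(e.marker, e.name, e.args) for e in cacheable(parse_moreinfo(SAMPLE))])
```

A truncated or malformed response raises instead of returning a partial list, so a client never acts on an extension list it could not read to the terminating dot.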