ietf-nntp Draft 20 pre-release 2
Rob Siemborski
rjs3 at andrew.cmu.edu
Fri Oct 10 11:09:51 PDT 2003
On Fri, 10 Oct 2003, Russ Allbery wrote:
> and then go into the example of why this is a security issue.
>
> After the example, say something like:
>
> Clients are strongly encouraged to not cache the results of LIST
> EXTENSIONS and issue the command again at the beginning of every
> session or state change in the session (such as after MODE READER).
> Caching should only be considered for anonymous clients that do not
> use any security or privacy extensions and for which the time required
> for an additional command and response is a noticable issue.
>
> Rob, what would you think of this as wording for that section? Would that
> make you feel more comfortable?
This looks better. Though I'd like to hear other opinions about just
dropping the caching discussion from the document entirely.
-Rob
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski | Andrew Systems Group * Research Systems Programmer
PGP:0x5CE32FCC | Cyert Hall 207 * rjs3 at andrew.cmu.edu * 412.268.7456
-----BEGIN GEEK CODE BLOCK----
Version: 3.12
GCS/IT/CM/PA d- s+: a-- C++++$ ULS++++$ P+++$ L+++(++++) E W+ N o? K-
w O- M-- V-- PS+ PE++ Y+ PGP+ t+@ 5+++ R@ tv-@ b+ DI+++ G e h r- y?
------END GEEK CODE BLOCK-----
More information about the ietf-nntp
mailing list