ietf-nntp Last major open issue (48x return codes)
Ken Murchison
ken at oceana.com
Mon Sep 8 16:17:19 PDT 2003
Jeffrey M. Vinocur wrote:
> On Mon, 8 Sep 2003, Russ Allbery wrote:
>
>
>>Ken Murchison <ken at oceana.com> writes:
>>
>>>Russ Allbery wrote:
>>
>>>>Authentication and privacy are pretty huge buckets that should
>>>>encapsulate a world of extensions.
>>>
>>>We could even generalize these as "security" which is probably a bigger
>>>bucket.
>>
>>That sounds fine to me; I certainly have no objections.
>
>
> Especially once (some day) it's all SASL-based, and thus the distinction
> isn't even relevant to the NNTP negotiation. (That is, if the server
> admin is looking to have authentication required, encryption optional,
> then the server will advertise only the relevant mechanisms.) I can't see
> any reason to have them distinguished in that case.
Good point, but I don't think that PLAIN+TLS will go away any time soon,
so the authentication (AUTHINFO SASL) and privacy (STARTTLS) distinction
will still need to be made.
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list