[ietf-nntp] Need to start (and finish!) the SASL draft
Ken Murchison
ken at oceana.com
Fri Apr 23 04:43:30 PDT 2004
Charles Lindsey wrote:
> Sure, but you would be describing the AUTHINFO SASL stuff at the same
> time. My point was merely that it wasn't necessary to publish the
> STARTTLS stuff just in order to get AUTHINFO USER/PASS on the record
OK, I misunderstood. This might work, but I still think that the
IETF/IESG would squirm over AUTHINFO USER/PASS without any documented
way (e.g. STARTTLS) to protect the password.
>>I've seen a rough draft from Jeff and its what I would expect (and argue
>>for). Its looks a lot like section 4 of RFC 2554, using "AUTHINFO SASL"
>>as the command and 28x and 38x as the response codes. It differs from
>>RFC 2554 in that it also supports success data, as is recommended for
>>any new SASL protocol profile.
>
>
> I think all the variants of AUTHINFO should be described in the same
> document, so far as is possible.
Yes, it documents AUTHINFO USER/PASS and AUTHINFO SASL.
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list