[NNTP] AUTHINFO SASL initial response and command length
Ken Murchison
ken at oceana.com
Wed Dec 1 09:39:08 PST 2004
The current AUTHINFO drafts states:
"Note that the AUTHINFO SASL command is still subject to the line
length limitations defined in [NNTP]. If use of the initial response
argument would cause the AUTHINFO SASL command to exceed this length,
the client MUST NOT use the initial response parameter (and instead
proceed as defined in section 5.1 of [SASL])."
However, the base draft states:
"Command lines MUST NOT exceed 512 octets, which includes the
terminating CRLF pair. The arguments MUST NOT exceed 497 octets. A
server MAY relax these limits for commands defined in an extension."
Do we want to take advantage of this for AUTHINFO SASL? It would
eliminate an extra roundtrip for those mechs which can have an extremely
long initial response (GSSAPI). Besides, the client and server already
need to handle potentially long challenge/response in the rest of the
exchange.
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list