[NNTP] Notes on auxiliary documents
Russ Allbery
rra at stanford.edu
Wed Dec 1 11:42:14 PST 2004
Ken Murchison <ken at oceana.com> writes:
> The current STARTTLS and AUTHINFO drafts say the following:
> "The server MUST discard any knowledge obtained from the client, such as
> the current newsgroup and article number, that was not obtained from the
> TLS/SASL negotiation itself. Likewise, the client SHOULD discard and
> MUST NOT rely on any knowledge obtained from the server, such as the
> list of NNTP service extensions, which was not obtained from the
> TLS/SASL negotiation itself."
If we keep MODE READER, we're unfortunately probably going to have to put
in an exception for it, just to make that clear.
> I don't see where having to reselect the group and article would create
> a great hardship for the client.
Likewise. I think most clients that are going to negotiate a privacy
layer are doing it on initial connection right now.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the ietf-nntp
mailing list