[NNTP] Notes on auxiliary documents

Russ Allbery rra at stanford.edu
Thu Dec 2 01:03:40 PST 2004


Clive D W Feather <clive at demon.net> writes:
> Ken Murchison said:

>> Which makes me think about whether 483 makes any sense after
>> authentication.  If I've already authenticated without a privacy layer,
>> but a group I'm trying to access requires privacy, the only thing I can
>> do is quit and reconnect, since neither re-authentication nor STARTTLS
>> after authentication are allowed.

> But a different privacy extension might still be.

> 483 does NOT REPEAT NOT mean "you must use STARTTLS". It means "you need
> privacy to do this". If it turns out that the only privacy extension you
> have available won't let you do privacy in this context then, yes, you
> should quit and reconnect, but that is not a reason to not use
> 483. Rather, the 483 combined with no available privacy extensions (in
> the CAPABILITIES output) is a signal that you need to quit and
> reconnect.

The reasons for disallowing STARTTLS after AUTHINFO would apply to any
other privacy extension as well.  They're not specific to TLS.  (In
particular, new privacy layer => discard all existing state => discard
existing authentication => double authentication messes that we decided to
punt on.)

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>
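
The client-side rule discussed in this thread (a 483 reply plus no usable privacy extension in the CAPABILITIES output means quit and reconnect), as an added example that is not part of the original message or of any NNTP implementation. The function names, the capability-list layout (a 101 status line, one capability per line, a terminating "."), and the sample server output are assumptions constructed for illustration.

```python
# Added illustration; names and sample server output below are constructed.
# Assumption: STARTTLS is the only privacy extension this client implements.
PRIVACY_CAPABILITIES = {"STARTTLS"}


def parse_capabilities(lines):
    """Return the set of capability labels from a CAPABILITIES response.

    `lines` is the raw multi-line response: a 101 status line, one
    capability per line (label plus optional arguments), then a "." line.
    """
    if not lines or not lines[0].startswith("101"):
        raise ValueError("not a capability list response")
    labels = set()
    for line in lines[1:]:
        line = line.strip()
        if line == ".":
            return labels
        if line:
            labels.add(line.split()[0].upper())
    raise ValueError("capability list not terminated")


def action_after_483(capability_lines):
    """Decide what a client does after a 483 reply.

    483 means "privacy is needed for this", not "use STARTTLS". If the
    server still advertises a privacy extension the client implements,
    negotiate it; otherwise the only way forward is a fresh connection.
    """
    usable = parse_capabilities(capability_lines) & PRIVACY_CAPABILITIES
    if usable:
        return ("negotiate", sorted(usable)[0])
    return ("quit-and-reconnect", None)


# Constructed samples: before authentication the server offers STARTTLS;
# after AUTHINFO it no longer does, since a new privacy layer would
# discard the existing authentication state.
BEFORE_AUTH = ["101 Capability list:", "VERSION 2", "READER",
               "STARTTLS", "AUTHINFO USER", "."]
AFTER_AUTH = ["101 Capability list:", "VERSION 2", "READER", "."]

if __name__ == "__main__":
    print(action_after_483(BEFORE_AUTH))
    print(action_after_483(AFTER_AUTH))
```

On the reconnect path the client would establish the privacy layer first and authenticate afterwards, so no authentication state exists to be discarded.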


