[ietf-nntp] Reauthentication?

Clive D.W. Feather clive at demon.net
Fri Jun 18 09:34:02 PDT 2004


Jeffrey M. Vinocur said:
> Since no one objected, Ken added the following text:
> 
>      After an AUTHINFO command has been successfully completed, no more
>      AUTHINFO commands may be issued in the same session.  After a
>      successful AUTHINFO command completes, a server MUST reject any
>      further AUTHINFO commands with a 502 response.

Fine.

> Is the server permitted to return 480 to a client that has already
> authenticated?  I would say not, since we're forbidding reauthentication

Exactly.

The difference between 502 and 480 is that the former says you can't
authenticate on this connection and the latter says you can. To quote:

502:
    it is necessary to terminate the connection and start a new one with
    the appropriate authority before the command can be used.

480: 
    the client must authenticate itself to the server (that is, provide
    information as to the identity of the client) before the facility can
    be used. This will involve the use of an authentication extension.

Hmm. I think I'll add "on this connection" to the end of the first sentence
of 480 to make that clearer.

> (but as there is a not entirely unreasonable argument for doing so in
> order to guide the client into knowing when it might still be missing some
> access rights,

That's what 502 means in this context.

-- 
Clive D.W. Feather  | Work:  <clive at demon.net>   | Tel:    +44 20 8495 6138
Internet Expert     | Home:  <clive at davros.org>  | Fax:    +44 870 051 9937
Demon Internet      | WWW: http://www.davros.org | Mobile: +44 7973 377646
Thus plc            |                            |
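
The 480/502 distinction discussed above, as a server-side session sketch. This is an added example, not part of the original message or of any draft text: the `Session` class, the accounts and the per-command privilege table are constructed, and the 281/381/481/482 codes are the usual AUTHINFO USER/PASS responses rather than anything quoted in this thread.

```python
import hmac

# Constructed accounts: name -> (password, privileges). Plaintext only for illustration.
USERS = {"alice": ("s3cret", {"read"}), "bob": ("hunter2", {"read", "post"})}
# Assumed policy: the privilege each command requires.
NEEDS = {"GROUP": "read", "ARTICLE": "read", "POST": "post"}

class Session:
    def __init__(self):
        self.user = None      # set once an AUTHINFO exchange succeeds
        self.pending = None   # user name waiting for AUTHINFO PASS

    def handle(self, line):
        parts = line.split() or [""]
        cmd, args = parts[0].upper(), parts[1:]
        if cmd == "AUTHINFO":
            return self._authinfo(args)
        need = NEEDS.get(cmd)
        if need is None:
            return "500 Unknown command"
        if self.user is None:
            # Authenticating on this connection can still unlock the command.
            return "480 Authentication required"
        if need not in USERS[self.user][1]:
            # Already authenticated and reauthentication is forbidden, so 480
            # would mislead: only a new connection can help.
            return "502 Permission denied"
        return "2xx placeholder: %s allowed" % cmd

    def _authinfo(self, args):
        if self.user is not None:
            return "502 Command unavailable"  # MUST reject after a success
        if len(args) != 2:
            return "501 Syntax error"
        kind, value = args[0].upper(), args[1]
        if kind == "USER":
            self.pending = value
            return "381 Password required"
        if kind == "PASS":
            if self.pending is None:
                return "482 Authentication commands issued out of sequence"
            name, self.pending = self.pending, None
            stored = USERS.get(name, ("", set()))[0]
            if name in USERS and hmac.compare_digest(stored.encode(), value.encode()):
                self.user = name
                return "281 Authentication accepted"
            return "481 Authentication failed"  # a failed attempt may be retried
        return "501 Syntax error"
```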


