[ietf-nntp] Re: AUTHINFO/SASL responses
Ken Murchison
ken at oceana.com
Mon May 17 18:30:54 PDT 2004
Russ Allbery wrote:
> Ken Murchison <ken at oceana.com> writes:
>
>>Russ Allbery wrote:
>
>
>>>481 would indicate a temporary failure with authentication, implying
>>>that the client should try the same username and password again. Is
>>>that what you mean? Under what circumstances would one use that?
>
>
>>If the user typed his/her password incorrectly.
>
>
> That's a permanent failure. Any retry with that same password is just
> going to fail again. The user will have to authenticate using different
> credentials (the correct password) to be successful.
>
>
>>If the server didn't have the mechanism-specific credentials for the
>>user.
>
>
> Wouldn't that normally be a permanent failure as well (at least for that
> session)?
Yeah, you're right. I was stuck thinking about the whole "close the
connection" thing rather than permanent vs. temporary failure. FWIW,
SMTP AUTH uses a 5xx code (permanent) for a failed authentication.
So I guess we're back to 502 or a new 581 for failed auth.
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list