[ietf-nntp] Re: SASL capability

Ken Murchison ken at oceana.com
Tue May 18 19:12:31 PDT 2004


Russ Allbery wrote:
> Ken Murchison <ken at oceana.com> writes:
> 
>>Clive D.W. Feather wrote:
> 
> 
>>>I've now had time to work through the draft. I'm still at the "test the
>>>concepts" stage rather than the "copy-editing" stage.
> 
> 
>>>"#3" means "paragraph 3".
> 
> 
>>>Section 2#3: I don't like the separate SASL response to LIST
>>>EXTENSIONS.  This implies that there are two separate extensions, and
>>>there aren't. It just doesn't fit the @@@@. Instead of that, what's
>>>wrong with:
> 
> 
>>>    AUTHINFO USER SASL:DIGEST-MD5,GSSAPI,PLAIN,EXTERNAL
> 
> 
>>I have no problems with this, or any variant.  Two variants which come
>>to mind would be:
> 
> 
>>AUTHINFO USER SASL(DIGEST-MD5,GSSAPI,PLAIN,EXTERNAL)
> 
> 
>>AUTHINFO USER SASL=DIGEST-MD5 SASL=GSSAPI SASL=PLAIN SASL=EXTERNAL
> 
> 
>>The latter is similar to the IMAP capability response.
> 
> 
> I vote for the latter just because I think it's the easiest to parse.  You
> can just split on whitespace (like you always do with NNTP stuff) and then
> look for SASL=<some mech you like>.  The others all require separately
> splitting on commas.

Any consensus on this point.  I don't really have any preference for 
either, although the latter is already used in practice.

The one issue which we would need to address if we remove the standalone 
SASL capability is whether or not we continue to return it after 
authentication.

-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp



More information about the ietf-nntp mailing list