[ietf-nntp] Re: SASL capability
Russ Allbery
rra at stanford.edu
Tue May 18 19:58:10 PDT 2004
Ken Murchison <ken at oceana.com> writes:
> The one issue which we would need to address if we remove the standalone
> SASL capability is whether or not we continue to return it after
> authentication.
I don't know very much at all about the theory there in detecting MITM
attacks. Do you know how important that's considered? Is it just a
possibly nice feature, or is it something that SASL protocols are strongly
recommended to do?
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the ietf-nntp
mailing list