[ietf-nntp] I-D ACTION:draft-ietf-nntpext-authinfo-00.txt

Ken Murchison ken at oceana.com
Tue May 25 18:04:24 PDT 2004


Russ Allbery wrote:

> Clive D W Feather <clive at demon.net> writes:
> 
>>So why shouldn't you advertise SASL?
> 
> 
> I think the only reason not to advertise SASL after authentication is that
> you are not allowed, IIRC, to redo a SASL negotiation after you've already
> done one once (because of the privacy layer portion of it).
> 
> But that's just a vague memory, and I don't see that mentioned explicitly
> in RFC 2222, so perhaps I'm wrong?

It's not forbidden, but it becomes messy if you have already negotiated a 
SASL security layer.  This is why most, if not all, other SASL-enabled 
protocols have punted and only allow one authentication per session.

Do we still have folks who want to allow re-authentication in a single 
session?  I'd rather not have to deal with it if nobody cares.

-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp


