[NNTP] LIST EXTENSIONS (again)

[Mark Crispin]

On Tue, 9 Nov 2004, Ken Murchison wrote:
> If we simply change the client to use MODE READER before STARTTLS/AUTHINFO 
> (which was its intended, although undocumented, intent), we solve the problem 
> with a trivial fix and AFAIK don't introduce any new compatibilties with 
> deployed servers.

Actually it does introduce a problem.  We have at least one server 
(Diablo?) in which this will not work.

I used to do MODE READER first, and had to change my code due to user 
complaints that it didn't work.

More precisely, here is what my code does:

I do STARTTLS first.  [Sorry if you think that this is wrong.  The TLS 
architecture says that this is mandatory.]

Then, if the user configures authentication (by specifying /user=xxx in 
the NNTP specification), I do AUTHINFO.

Then, I do MODE READER, and if it responds 480 I do AUTHINFO.

I did not do this out of a desire to be gothic.  I did this because it was 
the only thing that worked with all the servers that real users 
encountered.  There are, indeed, users who could not use NNTP with Pine 
until they added the /user=xxx to force authentication before MODE READER.

It sounds to me as if you telling me that I should do MODE READER first, 
and tell my users who set /user=xxx to force AUTHINFO first "sorry, the 
IETF NNTPEXT working group says this is broken, tell your server admin to 
fix his server."

This ain't gonna happen.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.