[NNTP] Proposed STARTTLS changes
Jeffrey M. Vinocur
jeff at litech.org
Sun Oct 3 16:30:04 PDT 2004
On Oct 1, 2004, at 11:34 AM, Ken Murchison wrote:
> [...]
Some phrasing suggestions below, but with regard to substance, I'm
happy with the proposed diff.
> + If the server is unable to initiate the TLS negotiation for any
> reason
> + (e.g. a server configuration or resource problem), the server MUST
> + reject the STARTTLS command with a 580 response. Otherwise, the
> server
> + issues a 382 response and begins a TLS negotiation with the client.
Suggest: "...the server issues a 382 response, and TLS negotiation
begins."
> ! After the TLS handshake has been completed, both parties MUST
> ! immediately decide whether or not to continue based on the
> ! authentication and privacy achieved (if any). The NNTP client and
> ! server may decide to move ahead even if the TLS negotiation ended
> with
> ! no authentication and/or no privacy because NNTP services are often
Perhaps "...ended without authentication and/or without privacy
because..." or something like that?
--
Jeffrey M. Vinocur
jeff at litech.org
More information about the ietf-nntp
mailing list