[NNTP] draft-ietf-nntpext-tls-nntp-03
Clive D.W. Feather
clive at demon.net
Tue Oct 5 00:59:41 PDT 2004
Only two small points.
(1) Near the end of page 6 is the sentence "The client SHOULD send a LIST
EXTENSIONS command as the first command after a successful TLS negotiation",
with discussion of LIST EXTENSIONS in the next paragraph. I'm not sure of
the point of that sentence and in particular the SHOULD: the previous
sentence explains why you must forget any previous knowledge, and the next
paragraph says that the extension list could change.
In particular, if you want to do TLS to protect core commands, there's no
need to issue a LIST EXTENSIONS at all.
(2) I suggested a change to the last sentence of the first paragraph of
2.2.2.1. I've just realized I was slightly wrong - there are other commands
(notably LIST EXTENSIONS) for whice 483 is not permitted. So change:
further NNTP commands from the client (other than a QUIT command)
to:
further substantive NNTP commands from the client (note that the 483
response is forbidden for some commands such as QUIT)
Alternatively, delete the "(other than a QUIT command)" comment entirely,
relying on [NNTP] to make the point.
You might also want to add a LIST EXTENSIONS to the last example to show
this.
--
Clive D.W. Feather | Work: <clive at demon.net> | Tel: +44 20 8495 6138
Internet Expert | Home: <clive at davros.org> | Fax: +44 870 051 9937
Demon Internet | WWW: http://www.davros.org | Mobile: +44 7973 377646
Thus plc | |
More information about the ietf-nntp
mailing list