[NNTP] draft-ietf-nntpext-tls-nntp-03
Ken Murchison
ken at oceana.com
Tue Oct 5 06:46:18 PDT 2004
Clive D.W. Feather wrote:
> Only two small points.
>
> (1) Near the end of page 6 is the sentence "The client SHOULD send a LIST
> EXTENSIONS command as the first command after a successful TLS negotiation",
> with discussion of LIST EXTENSIONS in the next paragraph. I'm not sure of
> the point of that sentence and in particular the SHOULD: the previous
> sentence explains why you must forget any previous knowledge, and the next
> paragraph says that the extension list could change.
I addressed this a little in your other post.
> In particular, if you want to do TLS to protect core commands, there's no
> need to issue a LIST EXTENSIONS at all.
Huh? I don't follow. After TLS, the available auth mechanisms may
change, and a client really should check for this.
> (2) I suggested a change to the last sentence of the first paragraph of
> 2.2.2.1. I've just realized I was slightly wrong - there are other commands
> (notably LIST EXTENSIONS) for whice 483 is not permitted. So change:
Good point.
> further NNTP commands from the client (other than a QUIT command)
>
> to:
>
> further substantive NNTP commands from the client (note that the 483
> response is forbidden for some commands such as QUIT)
>
> Alternatively, delete the "(other than a QUIT command)" comment entirely,
> relying on [NNTP] to make the point.
Either way is fine with me. Russ?
> You might also want to add a LIST EXTENSIONS to the last example to show
> this.
I'll look at this.
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list