[NNTP] Re: MODE READER

Mark Crispin MRC at CAC.Washington.EDU
Mon Oct 18 14:49:39 PDT 2004 

On Mon, 18 Oct 2004, Clive D.W. Feather wrote:
> As far as MODE READER is concerned, I personally agree with you. However,
> server implementers will tell you otherwise. If you want to argue for this
> change, please do so and let's see what happens.

It certainly can be argued that this is a server internal detail which 
should not burden the protocol.  It also adds an additional RTT (6 by my 
count).  Consider the normal startup situation:

1) Connect, get a 200 or 201 response.

2) Send LIST EXTENSIONS.  If STARTTLS listed as an extension:
    a) send STARTTLS
    b) send LIST EXTENSIONS

3) If client is configured always-authenticate, or if client wants to post
    and greeting was 201, negotiate authentication.

4) Send MODE READER.  If get 480, negotiate authentication, then repeat
    MODE READER.

5) Send LIST EXTENSIONS (since MODE READER may have changed it)

And yes, we really want to do MODE READER *after* STARTTLS, since we want 
any authentication to be after TLS.

That's a lot of RTTs:
 	S: 200 NNTP server
 	C: LIST EXTENSIONS
 	S: 202 Must negotiate TLS now:
 	S: STARTTLS
 	S: .
 	C: STARTTLS
 	S: 382 TLS starting
 	C: LIST EXTENSIONS
 	S: 202 Must authentication now using:
 	S: AUTHINFO SASL:PLAIN
 	S: .
 	C: AUTHINFO SASL PLAIN AHRlc3QAMTIzNA==
 	S: 281 Logged in
 	C: MODE READER
 	S: 200 NNTP server
 	C: LIST EXTENSIONS
 	S: 202 Here's what you can do now:
 	S: LISTGROUP
 	S: OVER
 	S: .
 	C: GROUP comp.mail.misc


Better would be something like the following, which uses an IMAP-like 
mechanism to carry capabilities in responses, and flushes MODE READER:

 	S: 200 [STARTTLS] NNTP server, negotiate TLS now
 	C: STARTTLS
 	S: 382 TLS starting
 	C: LIST EXTENSIONS
 	S: 202 Must authentication now using:
 	S: AUTHINFO SASL:PLAIN
 	S: .
 	C: AUTHINFO SASL PLAIN AHRlc3QAMTIzNA==
 	S: 281 [LISTGROUP OVER] Now you can do stuff
 	C: GROUP comp.mail.misc

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

More information about the ietf-nntp mailing list