[NNTP] Comments on draft-...-authinfo-03

Clive D.W. Feather clive at demon.net
Thu Sep 16 04:37:11 PDT 2004 

Mostly nitpicks:

I suggest that the text at the start of section 2 be called section 2.1.
Title perhaps "General concepts".

Page 4, "The server may list ...". Is the server required to reject any
AUTHINFO command that is then received? The purpose of this paragraph isn't
clear to me.

Page 4 last para: a 480 indicates that the client must authorise, and
AUTHINFO is a way to do this, but it doesn't mean that AUTHINFO MUST be
used.

Page 7 para 2: s/compliant/conforming/ perhaps?

Page 7 para 3: s/and client/and a client/

Section 2.2.2 first para: I'm not sure if this belongs here. Why forbid a
server from offering GENERIC as well, since there's no clash of names?
If GENERIC in [NNTP-COMMON] is deprecated, we just end up with no
definition of it at all; how does that help?

Perhaps a better approach is to replace the paragraph with:

    The use of AUTHINFO GENERIC [NNTP-COMMON] is deprecated in favour
    of AUTHINFO SASL. A server SHOULD NOT report AUTHINFO GENERIC
    in the list returned by LIST EXTENSIONS.

I still think it belongs somewhere else, such as the general part of 2 (the
bit I think should be 2.1).

Section 2.2.2 para 4: delete the stuff after ("="). Or replace the entire
sentence with:

    A server challenge that has zero length MUST be sent as a single
    equals sign ("=") and not omitted.

Page 9 last (part) para: calling the argument a "response" when it's the
very first thing in the exchange sounds odd. Perhaps rather than
"challenge" and "response" this text should just talk about "data" or
"words" or "negotiations".

Page 10 first (part) para: I don't think "defined to be the same as" is
right; perhaps:

    In NNTP, an empty server challenge and one of zero length are the
    same thing, encoded as a single equals sign.

2.2.2 para "After a security layer ...": why must the SASL mechanism list
be the same? Why can't new ones be added? Why is STARTTLS forbidden?

3.5: I would remove the comment, since it just duplicates the syntax.

5 para 2: s/posted articles, or by/posted articles or by/

8.2 [UTF-8]: s/Novermber/November/

-- 
Clive D.W. Feather  | Work:  <clive at demon.net>   | Tel:    +44 20 8495 6138
Internet Expert     | Home:  <clive at davros.org>  | Fax:    +44 870 051 9937
Demon Internet      | WWW: http://www.davros.org | Mobile: +44 7973 377646
Thus plc            |                            |

More information about the ietf-nntp mailing list