[NNTP] Comments on draft-...-authinfo-03
Clive D.W. Feather
clive at demon.net
Wed Sep 22 07:09:04 PDT 2004
Ken Murchison said:
>> Note the next paragraph: it also talks about encoding zero length strings
>> as = signs, but without attempting to justify why. In fact, we could send
>> it as a blank line in this case - I'm not suggesting this, just noting it
>> would be technically possible.
>
> This is what I originally had (same as SMTP and POP3), but someone
> didn't like this (don't recall who),
Quite possibly me.
> so I changed it to be the same as
> an empty initial response and empty server challenge. If someone can
> provide me with some text that gives me a reason why we're using "=",
> I'll add it. Or if we just want to use a blank line, I'm fine with that
> too.
I think the present protocol is fine; it's only the way it's described that
I'm commenting on.
How about this?
A server challenge is sent as a 383 reply with a single argument
containing the [BASE64] encoded string supplied by the SASL
mechanism. A server challenge that has zero length MUST be sent
as a single equals sign ("=") and not omitted (in order to comply
with the [NNTP] requirement that responses always have the same
number of arguments).
A client response consists of a line containing a [BASE64] encoded
string. A client response that has zero length MUST be sent as a
single equals sign ("=") and not omitted (for consistency with
the server challenge format). If the client wishes to cancel
the authentication exchange, it issues a line with a single "*".
If the server receives such a response, it MUST reject the AUTHINFO
SASL command by sending a 481 reply.
In each case you might prefer to insert "this is" at the start of the
parenthetical comment.
--
Clive D.W. Feather | Work: <clive at demon.net> | Tel: +44 20 8495 6138
Internet Expert | Home: <clive at davros.org> | Fax: +44 870 051 9937
Demon Internet | WWW: http://www.davros.org | Mobile: +44 7973 377646
Thus plc | |
More information about the ietf-nntp
mailing list