[NNTP] Comments on draft-...-authinfo-03

Clive D.W. Feather clive at demon.net
Wed Sep 22 07:09:04 PDT 2004


Ken Murchison said:
>> Note the next paragraph: it also talks about encoding zero length strings
>> as = signs, but without attempting to justify why. In fact, we could send
>> it as a blank line in this case - I'm not suggesting this, just noting it
>> would be technically possible.
> 
> This is what I originally had (same as SMTP and POP3), but someone 
> didn't like this (don't recall who),

Quite possibly me.

> so I changed it to be the same as 
> an empty initial response and empty server challenge.  If someone can 
> provide me with some text that gives me a reason why we're using "=", 
> I'll add it.  Or if we just want to use a blank line, I'm fine with that 
> too.

I think the present protocol is fine; it's only the way it's described that
I'm commenting on.

How about this?

    A server challenge is sent as a 383 reply with a single argument
    containing the [BASE64] encoded string supplied by the SASL
    mechanism.  A server challenge that has zero length MUST be sent
    as a single equals sign ("=") and not omitted (in order to comply
    with the [NNTP] requirement that responses always have the same
    number of arguments).

    A client response consists of a line containing a [BASE64] encoded
    string.  A client response that has zero length MUST be sent as a
    single equals sign ("=") and not omitted (for consistency with
    the server challenge format).  If the client wishes to cancel
    the authentication exchange, it issues a line with a single "*".
    If the server receives such a response, it MUST reject the AUTHINFO
    SASL command by sending a 481 reply.

In each case you might prefer to insert "this is" at the start of the
parenthetical comment.

-- 
Clive D.W. Feather  | Work:  <clive at demon.net>   | Tel:    +44 20 8495 6138
Internet Expert     | Home:  <clive at davros.org>  | Fax:    +44 870 051 9937
Demon Internet      | WWW: http://www.davros.org | Mobile: +44 7973 377646
Thus plc            |                            |



More information about the ietf-nntp mailing list