[NNTP] Comments on draft-...-authinfo-03
Ken Murchison
ken at oceana.com
Mon Sep 27 06:37:15 PDT 2004
Russ Allbery wrote:
> Clive D W Feather <clive at demon.net> writes:
>
>>>>Question to the group: would it be worth adding a flag to show that
>>>>authentication is no longer possible? Something like:
>>>>
>>>> AUTHINFO - USER SASL:EXTERNAL
>>>
>>>Or we could just ignore a SHOULD in RFC 2222bis and not display the
>>>AUTHINFO capability at all after authentication. But I don't think
>>>this is a good idea.
>
>
>>I'm happy to show the information, though I think it's better being
>>flagged (so that a naive client [author] doesn't think that AUTHINFO is
>>valid at this point).
>
>
> I'd rather not add more complexity to the syntax right now. I know it's a
> little bit confusing, but I think it's best to leave it as currently
> presented rather than adding a separate flag with a syntax that isn't
> really related to the rest of the protocol.
We could go back to what Chris Newman had originally had which is a
separate capability for SASL, eg,
before authentication:
AUTHINFO USER SASL
SASL PLAIN CRAM-MD5
after authentication:
SASL PLAIN CRAM-MD5
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list