[NNTP] Extension snapshots 2

Russ Allbery rra at stanford.edu
Tue Jan 4 10:23:45 PST 2005 

Ken Murchison <ken at oceana.com> writes:

> But only the server knows if its truely mode-switching (in lieu of a
> MODE READER capability -- which only VERSION 2 capable clients will know
> about) and the client may always send MODE READER just to cover its ass.

There's no point in sending MODE READER after authentication, though; it
won't do anything useful.  I think we need to make that clear to future
implementors.

> I'm worried about breaking existing clients (e.g. Pine) which have found
> a sequence of commands which work on almost all servers (mode-switching
> INN being the notable exception).

Well, what Pine is doing is broken.  It doesn't actually accomplish what
Pine was attempting to accomplish.  The reason why Mark was able to think
that it was a good idea is because there wasn't any standard to say "don't
do that."  So I think we should be very clear about this.

Pine is not going to comply with any standard that fits how MODE READER
works with existing servers, since what Pine does doesn't actually work.

> And if we do make a note regarding the use of MODE READER after
> authentication, do we do so only in the context of mode-switching, or
> unilaterally?

MODE READER has no purpose except with a mode-switching server or to cover
one's ass just in case one is talking to a mode-switching server, so I
think that we should describe how to send it unilaterally.

> Ideally, a mode-switching server would discontinue advertising the MODE
> READER capability after TLS and/or authentication.

Oh, definitely.  Any client that can watch the capabilities won't have a
problem with this.

> And perhaps we dance around this issue a little and say something like
> this in the base doc:

> "If a client intends to use the MODE READER command, it SHOULD issue
> this command before any security or privacy commands are issued."

I don't see any reason to leave it that mild.  I would say:

    If a client intends to use the MODE READER command, it SHOULD issue it
    before issuing any commands other than CAPABILITIES and MUST issue it
    before any security or privacy commands are issued.

The client knows whether it wants to be a reader or a peer.  The only
thing it needs to do before issuing MODE READER is to check whether it's
needed.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>

More information about the ietf-nntp mailing list