[NNTP] AUTHINFO SASL initial response and command length
Ken Murchison
ken at oceana.com
Tue Jan 4 12:54:29 PST 2005
Russ Allbery wrote:
> Ken Murchison <ken at oceana.com> writes:
>
>
>>The current AUTHINFO drafts states:
>>"Note that the AUTHINFO SASL command is still subject to the line
>>length limitations defined in [NNTP]. If use of the initial response
>>argument would cause the AUTHINFO SASL command to exceed this length,
>>the client MUST NOT use the initial response parameter (and instead
>>proceed as defined in section 5.1 of [SASL])."
>
>
>>However, the base draft states:
>
>
>>"Command lines MUST NOT exceed 512 octets, which includes the terminating
>>CRLF pair. The arguments MUST NOT exceed 497 octets. A server MAY relax
>>these limits for commands defined in an extension."
>
>
>>Do we want to take advantage of this for AUTHINFO SASL? It would
>>eliminate an extra roundtrip for those mechs which can have an extremely
>>long initial response (GSSAPI). Besides, the client and server already
>>need to handle potentially long challenge/response in the rest of the
>>exchange.
>
>
> I'd actually thought we were already doing that. Yes, I think I'm in
> favor of that.
Since nobody else has voiced an opinion either way (which is actually
surprising), is this the final decision? I'm getting ready to craft
some text which extends the length of the AUTHINFO SASL command.
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list