[NNTP] Snapshot 6
Ken Murchison
ken at oceana.com
Fri Jan 7 12:24:41 PST 2005
Clive D.W. Feather wrote:
> Okay, snapshot 6 is available in the usual place:
>
> <http://www.davros.org/nntp-texts/draft25.pre-6.txt>
> <http://www.davros.org/nntp-texts/draft25.pre-6.html>
3.3.3:
I believe I have discovered a problem with the capability modifier
mechanism. If my server supports AUTHINFO, how do I advertise that
AUTHINFO USER and AUTHINFO SASL PLAIN require TLS, but all other SASL
mechanisms can be used without TLS?
We can't/shouldn't have the same capability advertised twice, e.g.:
-483 AUTHINFO USER
AUTHINFO SASL
-483 SASL PLAIN
SASL CRAM-MD5 DIGEST-MD5
Do we allow modifiers to be interspersed in arguments, e.g.:
AUTHINFO SASL -483 USER
SASL CRAM-MD5 DIGEST-MD5 -483 PLAIN
Granted, in this case a -483 isn't necessary to tell the client that it
needs TLS before AUTHINFO USER or AUTHINFO SASL PLAIN, since it can
infer this by the presence of STARTTLS and the absence of AUTHINFO USER
and SASL PLAIN.
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list