[NNTP] Snapshot 6

Ken Murchison ken at oceana.com
Fri Jan 7 12:24:41 PST 2005


Clive D.W. Feather wrote:

> Okay, snapshot 6 is available in the usual place:
> 
> <http://www.davros.org/nntp-texts/draft25.pre-6.txt>
> <http://www.davros.org/nntp-texts/draft25.pre-6.html>

3.3.3:

I believe I have discovered a problem with the capability modifier 
mechanism.  If my server supports AUTHINFO, how do I advertise that 
AUTHINFO USER and AUTHINFO SASL PLAIN require TLS, but all other SASL 
mechanisms can be used without TLS?

We can't/shouldn't have the same capability advertised twice, e.g.:

-483 AUTHINFO USER
AUTHINFO SASL
-483 SASL PLAIN
SASL CRAM-MD5 DIGEST-MD5


Do we allow modifiers to be interspersed in arguments, e.g.:

AUTHINFO SASL -483 USER
SASL CRAM-MD5 DIGEST-MD5 -483 PLAIN


Granted, in this case a -483 isn't necessary to tell the client that it 
needs TLS before AUTHINFO USER or AUTHINFO SASL PLAIN, since it can 
infer this by the presence of STARTTLS and the absence of AUTHINFO USER 
and SASL PLAIN.
-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp



More information about the ietf-nntp mailing list