[NNTP] Extension snapshots 2
Clive D.W. Feather
clive at demon.net
Wed Jan 12 07:52:05 PST 2005
Ken Murchison said:
> "In agreement with [SASL], the server MUST continue to advertise the SASL
> capability in response to a CAPABILITIES command with the same list of
> SASL mechanisms as before authentication (thereby enabling the client
> to detect a possible active down-negotiation attack). Other
> capabilities returned in response to a CAPABILITIES command received
> after authentication MAY be different than those returned before
> authentication. For example, an NNTP server may not want to advertise
> support for a specific extension unless a client has been
> authenticated."
Works for me.
--
Clive D.W. Feather | Work: <clive at demon.net> | Tel: +44 20 8495 6138
Internet Expert | Home: <clive at davros.org> | Fax: +44 870 051 9937
Demon Internet | WWW: http://www.davros.org | Mobile: +44 7973 377646
Thus plc | |
More information about the ietf-nntp
mailing list