[NNTP] Extension snapshots 3
Ken Murchison
ken at oceana.com
Mon Jan 31 07:42:18 PST 2005
Clive D.W. Feather wrote:
> Ken Murchison said:
>
>>Here are the latest versions of the extensions docs.
>
>
> Using the official versions at the I-D repository.
>
> General
>
> Your various CAPABILITIES examples need to be audited against the
> latest [NNTP], to ensure that, for example, they have the correct LIST
> arguments based on the other capabilities.
Added LIST OVERVIEW.FMT to STARTTLS draft and LIST HEADERS to STREAMING
draft. Did you see anything else missing?
> STREAMING
>
> 2.3.2: the last sentence contradicts the first. Since the first sentence
> says it MUST support MODE STREAM if streaming works, the SHOULD in the last
> sentence makes no sense. Just delete the last sentence.
OK, I see your point. What I'm trying to say is that MODE STREAM isn't
required (because its deprecated by CAPABILITIES), but if supported, it
returns 203. What if I change the first sentence to:
"If a server supports the MODE STREAM, CHECK, and TAKETHIS commands it
MUST return a 203 response to the MODE STREAM command (or 501 if an
argument is given) and MUST NOT have any other effect.
> STARTTLS
>
> 2.1. The sentence "However, ..." needs adjusting. Try:
>
> However, the capability MUST NOT be advertised once a TLS layer
> is active (see section 2.2.2.2), or after any alternative mechanism
> that installs a security layer (e.g. [NNTP-AUTH]).
>
> Note the change to MUST NOT. The second bit is because, in principle,
> STARTTLS after a USER authentication, or an SASL authentication that
> does *not* set up a security layer, should be fine.
Not true. Successful STARTTLS resets the state of the connection, so we
don't allow STARTTLS after *any* authentication. Here's the current
sentence:
"However, this capability MUST NOT be advertised once a TLS layer is
active (see section 2.2.2.2), or after successful authentication
[NNTP-AUTH]."
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list