[NNTP] TLS draft question
Ken Murchison
ken at oceana.com
Tue Jul 19 15:44:36 PDT 2005
Ned Freed wrote:
>> Yes. I believe that our text follows that of IMAP, POP3 and SMTP in
>> that the session may continue even if the TLS negotiation failed.
>
>
> That may be the theory, but it almost never works in practice, in my
> experience at least.
Ned, are you suggesting that the server should just unilaterally
disconnect the client if TLS fails? I know for a fact that the Cyrus
servers (IMAP, POP3, NNTP, LMTP) simply revert back to using its own I/O
routines rather than the OpenSSL equivalents if TLS fails. I haven't
tried this with any clients to see how they behave.
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list