[NNTP] TLS draft question

Russ Allbery rra at stanford.edu
Wed Jul 20 09:21:52 PDT 2005


Eric Rescorla <ekr at networkresonance.com> writes:
> Ken Murchison <ken at oceana.com> writes:

>> No apologies necessary, but I'm looking for guidance.  What you're
>> both describing seems to be an implementation problem, not a design
>> flaw in the protocol.  What do you suggest we do with NNTP that would
>> differ from the other messaging protocols?

> I'm not sure it's different. My memory was that no one actually tried to
> resume after failed TLS negotiation and that if the protocol specs
> suggested it they were widely ignored. :) Have I been away too long? :)

I looked briefly yesterday and, at the least, the other protocols don't
have any examples showing resume after failure.  They do all allow the
server to fail STARTTLS immediately after the command, of course, but in a
quick perusal, I didn't see any provision for later failure other than the
statement that the client should close the connection.

I'll look again more thoroughly later today (if I can spring the free
time).

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>


