[NNTP] Re: FW: GenART reviews of draft-ietf-nntpext-tls-nntp-07 and draft-ietf-nntpext-authinfo-09

[Russ Allbery]

> From: Lakshminath Dondeti [mailto:ldondeti at qualcomm.com] 

> Request for clarification
> ---------------------------
> The applications of secure transport (from the authinfo I-D) are:   "to 
> control resource consumption," "to allow abusers of the POST command to 
> be identified," and "to restrict access to "local" groups."

> The last one does require an encrypted channel, but I don't think the 
> other two do.  An authenticated (integrity-protected) channel might be 
> sufficient for some applications.  For applications which do not require 
> confidentiality, why waste resources or put another way why slowdown 
> downloads by making Encryption a MUST?  Thus, I think it would make 
> sense for the drafts to specify an integrity only security layer as a 
> MUST/SHOULD (e.g., TLS_RSA_WITH_NULL_SHA).

> I am curious if the WG had this discussion.  If there was such a 
> discussion and the drafts reflect the consensus, please ignore my 
> comment above.  If not, perhaps it makes sense to specify such a mode 
> for efficient operation.

I'm not sure that I understand the clarification request.

TLS is only required for AUTHINFO USER/PASS or for SASL PLAIN, not for the
general SASL mechanism.  It's required there because the actual password
is being transmitted, and therefore encryption is required to protect it
from interception.  We did discuss the possibility of down-negotiation of
the confidentiality layer after authentication, but the working group (in
consultation with TLS experts) concluded that correct specification and
implementation of down-negotiation were too complex and unusual to be a
viable option.

When using a different SASL mechanism, confidentiality is not required.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>