[NNTP] STARTTLS -- port 563 language
Russ Allbery
rra at stanford.edu
Tue Jun 7 17:27:04 PDT 2005
Jeffrey M Vinocur <jeff at litech.org> writes:
> I just noticed that I had an outstanding change lying around on disk. I
> don't remember if I reworded this in response to a specific issue, or if
> it just struck me as a confusingly long and winding sentence.
> Does anyone remember and/or think the revised text is an improvement?
I think it's an improvement; I think it's worth saying explicitly that the
TLS negotiation starts immediately in that mode.
> -Although current use of TLS most often involves the dedication of port
> -563 for NNTP over TLS, the continued use of TLS on a separate port is
> -discouraged for the reasons documented in section 7 of "Using TLS with
> -IMAP, POP3 and ACAP" [TLS-IMAPPOP].
> +
> +In some existing implementations, TCP port 563 has been dedicated to
> +NNTP over TLS. These implementations begin the TLS negotiation
> +immediately upon connection, and then continue with the initial steps of
> +an NNTP session. This use of TLS on a separate port is discouraged for
> +the reasons documented in section 7 of "Using TLS with IMAP, POP3 and
> +ACAP" [TLS-IMAPPOP]. The STARTTLS command is the preferred way of using
> +TLS with NNTP.
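Review bot: "continue with the initial steps of an NNTP session" in the second added sentence is vague about what travels inside the TLS layer. Since the point of the sentence is that negotiation begins immediately upon connection, it could say so directly, for example "and only then proceed with the server greeting and the rest of the NNTP session". Separately, the removed text said the dedicated port is what current use "most often" involves, while the replacement says "some existing implementations"; if that weaker prevalence claim is not intended, the opening clause should be adjusted.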
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>