[NNTP] Fwd: Gen-art review of draft-ietf-nntpext-streaming-05
Ken Murchison
ken at oceana.com
Sun Jun 12 17:41:00 PDT 2005
Andrew - Supernews wrote:
>>>>>>"Elwyn" == Elwyn Davies <elwynd at dial.pipex.com> writes:
>
>
> Elwyn> The sort of thing I was thinking of was sending streams of
> Elwyn> CHECKs for articles and never sending TAKETHIS,
>
> 2.4.2: "Note however, that the responses to CHECK are advisory; the
> server MUST NOT rely on the client to behave as requested by these
> responses."
>
> I don't know if this is worth pointing out in the security
> considerations too; the fact that you mentioned it might suggest it
> _is_ worth it :-)
Suggested text?
I would think that any text we craft regarding CHECK would also apply to
IHAVE (the first step).
It would seem to me that TAKETHIS is more worrisome if the peer just
starts flooding the pipe with articles that the server doesn't want.
Should we say something along the lines like "if the number of rejected
TAKETHIS commands exceeds an implementation specific threshold, the
server SHOULD/MAY terminate the session with a 400 response".
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list