[NNTP] Fwd: Gen-art review of draft-ietf-nntpext-streaming-05
Ade Lovett
ade at lovett.com
Mon Jun 13 09:50:28 PDT 2005
Ken Murchison said:
>
>Should we say something along the lines like "if the number of rejected
>TAKETHIS commands exceeds an implementation specific threshold, the
>server SHOULD/MAY terminate the session with a 400 response".
This simply doesn't make sense. Practically every single command in the
spec can be (ab)used to cause pain for a server, with the amount of pain
being implementation dependent.
In the real world, CHECK/TAKETHIS are also likely to be only available
to a small subset of the set of NNTP connections a "server" has to deal
with, presumably to "well-known" endpoints (other NNTP transit peers).
Finally, if something bad *does* happen, it's very unlikely that a
runaway is likely to be able to do anything useful with a 400 response.
A more correct approach would be to simply deep six the session with a
close() and move on.
Finally (again. I lied.) a quick scan of various other major protocols
(in particular (E)SMTP) shows no references there to such runaway
behavior, so I don't see any reason why NNTP has to be different in
explicitly mentioning such behavior.
-aDe
More information about the ietf-nntp
mailing list