[NNTP] STARTTLS and authentication
Russ Allbery
rra at stanford.edu
Mon Jun 13 13:26:49 PDT 2005
Ken Murchison <ken at oceana.com> writes:
> OK, I've replaced the paragraph in 2.2.2 which begins with "Generally
> and NNTP server ..." with this:
> "The server remains in the non-authenticated state, even if client
> credentials are supplied during the TLS negotiation. The AUTHINFO SASL
> command [NNTP-AUTH] with the EXTERNAL mechanism [SASL] MAY be used to
> authenticate once TLS client credentials are successfully exchanged, but
> servers supporting the STARTTLS command are not required to support
> AUTHINFO in general or that mechanism in particular. The server MAY use
> information from the client certificate for identification of
> connections or posted articles (either in its logs or directly in posted
> articles)."
> Does this work? If so, then we're just waiting for some feedback from
> Eric.
Yup, looks good to me.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the ietf-nntp
mailing list