[NNTP] draft-ietf-nntpext-base-25

Clive D.W. Feather clive at demon.net
Mon Mar 7 03:48:30 PST 2005 

Ken Murchison said:
> 3.3.2:  The sentences that describe the LISTGROUP and POST arguments for 
> READER state that they "MUST be a single argument", leading one to 
> believe that the two arguments are mutually exclusive, which is clearly 
> not the case (as evidenced by the note in parenthesis).  I guess my 
> concern is with the use of "single".
> 
> 3.4.1:  "Except as an effect of the MODE READERMODE READER command on a 
> mode-switching server, once a server advertises either or both of the 
> IHAVE or READER capabilities, it MUST NOT cease to advertise them later 
> in the session."
> 
> Rather than using the negative, wouldn't something like this sound better:
> 
> "... it MUST continue to advertise them for the entire session."

Both these changes made to my master copy.

> 3.4.2:  Could we get something like the following added after "However, 
> the server MAY cease to advertise the MODE-READER capability after the 
> client uses any command except CAPABILITIES."
> 
> "Specifically, the server MUST NOT advertise the MODE-READER capability 
> after the client uses the MODE READER command or after any security or 
> privacy commands are issued."
> 
> I'm looking for some text to reference in STARTTLS and AUTHINFO which 
> states this.

The first part - concerning MODE READER - is already there in another form:
after a successful MODE READER command the server is in "reading" mode and
MUST NOT advertise the MODE-READER capability. [Oops: I had "MUST not".]

As for security and privacy, I think that's actually an issue for each
extension. So just put your own working in your documents, along the lines
of:

    The server MUST NOT advertise the MODE-READER capability, and the
    client MUST NOT use the MODE READER command, after the client uses
    any of the commands in this document.

-- 
Clive D.W. Feather  | Work:  <clive at demon.net>   | Tel:    +44 20 8495 6138
Internet Expert     | Home:  <clive at davros.org>  | Fax:    +44 870 051 9937
Demon Internet      | WWW: http://www.davros.org | Mobile: +44 7973 377646
Thus plc            |                            |

More information about the ietf-nntp mailing list