[NNTP] Revisiting POST as a separate capability

Clive D.W. Feather clive at demon.net
Tue Mar 29 00:14:54 PST 2005


Jeffrey M. Vinocur said:
> We're trying to find a sensible and concise way to represent a universe 
> of fine-grained possible combinations of available features.  I 
> wouldn't want to eliminate the notion of arguments to capabilities, but 
> I think we should try to discourage it.  In essence, that approach uses 
> the syntax to encode the semantics of what can be advertised when, but 
> only for the special case of one capability depending on another.

True. But when the syntax can help you, why not let it?

> But 
> this won't work if the subsidiary capability needs arguments of its own 
> (for example, SASL PLAIN can't be advertised without STARTTLS,

Yes it can. Firstly, it can be advertised with XENCRYPT, or any other
encryption technique. Secondly, right at the end of 2.4.2 you say:

    The SASL PLAIN mechanism is
    preferred over AUTHINFO USER, even if there is not a strong
    encryption layer active,

Even section 6 only requires the existence of a mode that prevents plain
passwords without encryption.

> Similarly, it won't work if the subsidiary capability 
> depends on having any of several alternatives available (no obvious 
> example comes to mind, but I hope the idea is clear).

See first comment.

-- 
Clive D.W. Feather  | Work:  <clive at demon.net>   | Tel:    +44 20 8495 6138
Internet Expert     | Home:  <clive at davros.org>  | Fax:    +44 870 051 9937
Demon Internet      | WWW: http://www.davros.org | Mobile: +44 7973 377646
Thus plc            |                            |



More information about the ietf-nntp mailing list