[NNTP] Re: Comments on draft-ietf-nntp-tls-nntp-05.txt
Russ Allbery
rra at stanford.edu
Wed May 25 09:19:29 PDT 2005
Charles Lindsey <chl at clerew.man.ac.uk> writes:
> I think it should remain. Although the whole business of authenticating
> and then down-negotiation is a kludge, I think it is a necessary kludge
> for the time being, and therefore should be described correctly.
> Of course, we all know that in practice people are going to continue to
> send passwords in the clear, but you aren't supposed to say that while any
> IETF people are listening :-) .
> A news SASL mechanism is the ultimate and clean solution.
It seems unlikely to me that people are going to implement
down-negotiation faster than a new SASL mechanism, which makes it kind of
pointless to mention, doesn't it?
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the ietf-nntp
mailing list