Author jelie
Recipients StevenJ, ajvant, chasonr, christian.heimes, giampaolo.rodola, janssen, jelie, pitrou
Date 2010-11-06.11:56:58
SpamBayes Score 1.83806e-06
Marked as misclassified No
Message-id <1289044621.12.0.526567558675.issue1926@psf.upfronthosting.co.za>
In-reply-to
Content
> More significant than my own potentially newbie-ish
> opinion is that the RFC suggests as a valid use case
> the idea of a client starting up TLS or authentication
> in reaction to a 483 command response, rather than right
> off the bat.

Yes.  (Currently, it would only be TLS with nntplib, because
SASL mechanisms which negotiate an encryption layer are not
implemented yet in nntplib.  But in case someone wishes to test,
I have the following capabilities on my news server,
news.trigofacile.com :
AUTHINFO USER SASL
SASL GSSAPI OTP PLAIN NTLM LOGIN DIGEST-MD5 CRAM-MD5
STARTTLS
)



> I'm pretty sure this is impossible under the current setup,
> where login/encryption happens only at initialization and
> there's no method exposed to do it later.

Absolutely.



> I've been maintaining the readermode_afterauth thing
[...]
> it smelled bad from the start to me.

Yep.  According to RFC 4643:

   Additionally, the client MUST NOT issue a MODE READER
   command after authentication, and a server MUST NOT advertise the
   MODE-READER capability.
History
Date User Action Args
2010-11-06 11:57:01jeliesetrecipients: + jelie, janssen, pitrou, giampaolo.rodola, christian.heimes, chasonr, ajvant, StevenJ
2010-11-06 11:57:01jeliesetmessageid: <1289044621.12.0.526567558675.issue1926@psf.upfronthosting.co.za>
2010-11-06 11:56:59jelielinkissue1926 messages
2010-11-06 11:56:58jeliecreate