[issue1926] NNTPS support in nntplib
Julien ÉLIE
report at bugs.python.org
Sat Nov 6 12:57:01 CET 2010
Julien ÉLIE <julien at trigofacile.com> added the comment:
> More significant than my own potentially newbie-ish
> opinion is that the RFC suggests as a valid use case
> the idea of a client starting up TLS or authentication
> in reaction to a 483 command response, rather than right
> off the bat.
Yes. (Currently, it would only be TLS with nntplib, because
SASL mechanisms which negotiate an encryption layer are not
implemented yet in nntplib. But in case someone wishes to test,
I have the following capabilities on my news server,
news.trigofacile.com :
AUTHINFO USER SASL
SASL GSSAPI OTP PLAIN NTLM LOGIN DIGEST-MD5 CRAM-MD5
STARTTLS
)
> I'm pretty sure this is impossible under the current setup,
> where login/encryption happens only at initialization and
> there's no method exposed to do it later.
Absolutely.
> I've been maintaining the readermode_afterauth thing
[...]
> it smelled bad from the start to me.
Yep. According to RFC 4643:
Additionally, the client MUST NOT issue a MODE READER
command after authentication, and a server MUST NOT advertise the
MODE-READER capability.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue1926>
_______________________________________
More information about the Python-bugs-list
mailing list