Network News Transfer Protocol (NNTP) Extension for Authentication
RFC 4643
| Document | Type |
RFC - Proposed Standard
(October 2006; Errata)
Updates RFC 2980
|
|
|---|---|---|---|
| Authors | Kenneth Murchison , Jeffrey Vinocur | ||
| Last updated | 2020-01-21 | ||
| Stream | IETF | ||
| Formats | plain text html pdf htmlized with errata bibtex | ||
| Stream | WG state | (None) | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 4643 (Proposed Standard) | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | Scott Hollenbeck | ||
| Send notices to | (None) | ||
Network Working Group J. Vinocur
Request for Comments: 4643 Cornell University
Updates: 2980 K. Murchison
Category: Standards Track Carnegie Mellon University
October 2006
Network News Transfer Protocol (NNTP)
Extension for Authentication
Status of This Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2006).
Abstract
This document defines an extension to the Network News Transfer
Protocol (NNTP) that allows a client to indicate an authentication
mechanism to the server, to perform an authentication protocol
exchange, and optionally to negotiate a security layer for subsequent
protocol interactions during the remainder of an NNTP session.
This document updates and formalizes the AUTHINFO USER/PASS
authentication method specified in RFC 2980 and deprecates the
AUTHINFO SIMPLE and AUTHINFO GENERIC authentication methods.
Additionally, this document defines a profile of the Simple
Authentication and Security Layer (SASL) for NNTP.
Vinocur, et al. Standards Track [Page 1]
RFC 4643 NNTP Authentication October 2006
Table of Contents
1. Introduction ............................................. 3
1.1. Conventions Used in This Document ................... 3
2. The AUTHINFO Extension ................................... 4
2.1. Advertising the AUTHINFO Extension .................. 4
2.2. Authenticating with the AUTHINFO Extension .......... 5
2.3. AUTHINFO USER/PASS Command .......................... 6
2.3.1. Usage ........................................ 7
2.3.2. Description .................................. 7
2.3.3. Examples ..................................... 9
2.4. AUTHINFO SASL Command ............................... 9
2.4.1. Usage ........................................ 10
2.4.2. Description .................................. 11
2.4.3. Examples ..................................... 14
3. Augmented BNF Syntax for the AUTHINFO Extension .......... 16
3.1. Commands ............................................ 16
3.2. Command Continuation ................................ 17
3.3. Responses ........................................... 17
3.4. Capability Entries .................................. 17
3.5. General Non-terminals ............................... 18
4. Summary of Response Codes ................................ 18
5. Authentication Tracking/Logging .......................... 18
6. Security Considerations .................................. 19
7. IANA Considerations ...................................... 20
7.1. IANA Considerations for SASL/GSSAPI Services ........ 20
7.2. IANA Considerations for NNTP Extensions ............. 20
8. Acknowledgements ......................................... 21
9. References ............................................... 22
9.1. Normative References ................................ 22
9.2. Informative References .............................. 22
Vinocur, et al. Standards Track [Page 2]
RFC 4643 NNTP Authentication October 2006
1. Introduction
Although NNTP [NNTP] has traditionally been used to provide public
access to newsgroups, authentication is often useful for several
purposes; for example, to control resource consumption, to allow
abusers of the POST command to be identified, and to restrict access
to "local" newsgroups.
The ad-hoc AUTHINFO USER and AUTHINFO PASS commands, documented in
[NNTP-COMMON], provide a very weak authentication mechanism in
widespread use by the installed base. Due to their ubiquity, they
are formalized in this specification but (because of their
insecurity) only for use in combination with appropriate security
layers.
The ad hoc AUTHINFO GENERIC command, also documented in [NNTP-COMMON]
but much less ubiquitous, provided an NNTP-specific equivalent of the
generic SASL [SASL] facility. This document deprecates AUTHINFO
GENERIC in favor of an AUTHINFO SASL replacement so that NNTP can
benefit from authentication mechanisms developed for other SASL-
enabled application protocols, including Simple Mail Transfer
Protocol (SMTP) [SMTP-AUTH], Post Office Protocol (POP) [POP-AUTH],
Show full document text