Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.toronto.edu!ietf-nntp-distribution-owner
Message-ID: <9106241429.AA25846@TIS.COM>
Reply-To: James M Galvin <galvin@TIS.COM>
Original-To: Rich Salz <rsalz@bbn.com>
Original-Cc: ietf-nntp@turbo.bio.net, lear@turbo.bio.net
Subject: Re: July IETF Meeting 
References: Rich Salz's message
             of Mon, 24 Jun 91 09: 57:04 EDT.
             <9106241357.AA09123@litchi.bbn.com> 
Date: Mon, 24 Jun 1991 10:29:29 -0400
From: galvin@TIS.COM (James M Galvin)
Newsgroups: list.ietf-nntp
Distribution: list
Sender: list-admin@cs.toronto.edu
Approved: list.ietf-nntp@mail.cs.toronto.edu
Lines:       23

		-I don't think we ever really reached consensus on the
		 authentication, or did we?

I, too, do not have the impression that consensus was reached.  I looked
back over the notes I did save (not all of them), and derived the following:

1. Host (or connection?) level authentication seems the most appropriate.
   A point that was not resolved was whether or not this should be mutual or
   just the "client" authenticating itself to the "server".

2. Confidentiality was briefly discussed, but it seems more appropriate at
   the newsgroup level.  Since newsgroups are not defined at the NNTP
   level, this is probably a service for a higher layer.

3. The closest thing to consensus with respect to a mechanism was a number
   of suggestions to use id/password pairs.  My opinion is this may be okay
   for now, while we wait for the CAT working group to do its thing.
   Kerberos was also suggested.

This is my recollection and interpretation of what I saved.  It could be
wrong.

Jim