RE: ietf-nntp Feedback on the 9/3 nntpext.

"Larry Osterman (Exchange)" <larryo@exchange.microsoft.com> Fri, 05 September 1997 20:26 UTC

Received: from cnri by ietf.org id aa20357; 5 Sep 97 16:26 EDT
Received: from announcer.academ.com (majordomo@ANNOUNCER.ACADEM.COM [198.137.249.60]) by cnri.reston.va.us (8.8.5/8.7.3) with ESMTPid QAA07527 for <ietf-archive@cnri.reston.va.us>; Fri, 5 Sep 1997 16:29:44 -0400 (EDT)
Received: (from majordomo@localhost) by announcer.academ.com (8.8.5/8.8.5) id PAA09530; Fri, 5 Sep 1997 15:24:12 -0500 (CDT)
Received: from academ.com (root@ACADEM.COM [198.137.249.2]) by announcer.academ.com (8.8.5/8.8.5) with ESMTP id PAA09525 for <ietf-nntp@ANNOUNCER.ACADEM.COM>; Fri, 5 Sep 1997 15:24:10 -0500 (CDT)
Received: from doggate.exchange.microsoft.com (doggate.microsoft.com [131.107.2.63]) by academ.com (8.8.5/8.8.5) with SMTP id PAA14930 for <ietf-nntp@academ.com>; Fri, 5 Sep 1997 15:24:08 -0500 (CDT)
Received: by DOGGATE with Internet Mail Service (5.5.1664.3) id <S2PVB3SW>; Fri, 5 Sep 1997 13:24:11 -0700
Message-ID: <2FBF98FC7852CF11912A0000000000010581D2FF@DINO>
From: "Larry Osterman (Exchange)" <larryo@exchange.microsoft.com>
To: 'Brian Kantor' <brian@karoshi.ucsd.edu>, ietf-nntp@academ.com
Subject: RE: ietf-nntp Feedback on the 9/3 nntpext.
Date: Fri, 05 Sep 1997 13:24:06 -0700
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.1664.3)
Content-Type: text/plain
Sender: owner-ietf-nntp@academ.com
Precedence: bulk

The reason a client might want to keep a connection open is to avoid
re-authenticating a user.   Consider, for example an OTP system.  In
such a system, the users credentials have a limited lifetime (typically
several hundred iterations), after which the user needs to get a new set
of credentials.

In such an environment, it is critical that clients minimize the number
of authentications, and every server disconnection forces one of the
passwords to be exhausted.

Also, on many systems authentication is quite slow (up to half a second
or more), so clients try to avoid authentications as much as possible -
and again, if the server disconnects, it causes unnecessary client
slowdowns.

All I'm getting at is that I think that it makes sense for the NNTP
draft to:
	a) Mandate that timeouts are legal
and	b) Place some restrictions on a minimum length for that timeout.

I don't care what the minimum timeout is (1 minute :)), but there SHOULD
be a minimum timeout.


Larry Osterman
Via Exchange Osmium on Larryo-Laptop.dns.microsoft.com with NT 4.0.
Since these are not all released products, please notify the sender of
any difficulties.



> -----Original Message-----
> From:	Brian Kantor [SMTP:brian@karoshi.ucsd.edu]
> Sent:	Thursday, September 04, 1997 3:40 PM
> To:	ietf-nntp@academ.com
> Subject:	Re: ietf-nntp Feedback on the 9/3 nntpext.
> 
> I don't believe a minimum timeout is required nor needs to be
> specified.
> Timing out client connections is a management decision made by server
> managers, based on their perception of need in their environment.
> 
> Clients which hold a connection open by sending 'NOOP' or other
> techniques
> in the absence of real transactions would appear to be doing so solely
> to circumvent the server manager's desire to time out idle clients.
> 
> In my local version of nnrpd, I treat NOOP as QUIT.
> 	- Brian