NNTP-Ext:[Previous][Up to Table of Contents] [Next]
NNTP-Ext 6.0 Security Considerations |
---|
The use of the AUTHINFO is optional. This command as documented has a number of security implications. In the original and simple forms, all passwords are passed in plaintext and could be discovered by various forms of network or system surveillance. The AUTHINFO GENERIC command has the potential for the same problems if a mechanism is used that also passes cleartext passwords. RFC 1731[8] discusses these issues in greater detail. |
[Source:"draft-ietf-nntp-imp-02.txt"] [Last Changed:March 1998] [Copyright: 1998 S. Barber] |