Example of the negotiation of an unlimited article number size (in the
limit of the length of an NNTP argument, which is 497 octets):
   [C] CAPABILITIES
   [S] 101 Capability list:
   [S] VERSION 2
   [S] READER
   [S] MAXARTNUM 0
   [S] LIST ACTIVE NEWSGROUPS
   [S] .
   [C] MAXARTNUM 0
   [S] 202 0 No limit in article numbers. Enjoy!
   [C] GROUP misc.test
   [S] 211 1 1 1234567890123456789012345678901234567890 misc.test
   [C] STAT 1234567890123456789012345678901234567890
   [S] 223 0 <article@example.net> retrieved
   [S] 501 Argument not understood; sorry, Clive!
Example of a newsgroup containing only one article number, greater than
the current mutual maximum article number. The current article number
is valid, and set to the one of the article present in the newsgroup
when using the GROUP command.
   [Assumes the mutual maximum article number is 2147483647.]
   [C] LIST ACTIVE
   [S] 215 List of newsgroups follows
   [S] misc.test 2147483647 2147483647 y
   [S] .
   [C] GROUP misc.test
   [S] 211 0 2147483647 2147483647 fr.test
   [C] STAT
   [S] 401 MAXARTNUM
I would like to submit you this first draft about MAXARTNUM, as recently discussed.
Comments welcome :-)
[...]
MAXARTNUM Command
[...]
If the MAXARTNUM command does not have exactly one argument, or the
requested number is syntactically incorrect, or below 2,147,483,647 with
the exception of 0 (zero), the server MUST reject the MAXARTNUM command
with a 501 response code ([RFC3977], Section 3.2.1). Otherwise, in case
no other generic response code representing the situation applies, the
server issues a 202 response code followed by the negotiated mutual
maximum article number. Although this negotiated number MAY be
different than the number provided in the MAXARTNUM command, it MUST
either be 0 (zero), or lie between 2,147,483,647 and the number provided
in the MAXARTNUM command.
Example of a newsgroup containing only one article number, greater
than the current mutual maximum article number. The current article
number is valid, and set to the one of the article present in the
newsgroup when using the GROUP command.
    [Assumes the mutual maximum article number is 2147483647.]
    [C] LIST ACTIVE
    [S] 215 List of newsgroups follows
    [S] misc.test 2147483647 2147483647 y
    [S] .
    [C] GROUP misc.test
    [S] 211 0 2147483647 2147483647 fr.test
    [C] STAT
    [S] 401 MAXARTNUM
For this case _AND IF_ I understand correctly, wouldn't it make more
sense to consider the group "empty" (in 215 and 211 replies) for THIS
client (with your prefered way to show an empty group with the reported
high water mark being one less than the reported low water mark)?
Also, 211 reply seems to be incoherent. GROUP ask for 'misc.test' and
server reply with 'fr.test'. But I bet it's a copy/paste error :-)
Le 20/12/2022 23:12, I wrote :
§
maximum article number. Although this negotiated number MAY be
different than the number provided in the MAXARTNUM command, it MUST
either be 0 (zero) when the requested number was 0 (zero), or lie
between 2,147,483,647 and the number provided in the MAXARTNUM command.
§
Oops! It is not correct either, because when there is 0 in the MAXARTNUM command, the server can respond a non-zero number greater than 2,147,483,647, and of course this number doesn't lie between 2,147,483,647 and 0!
§
maximum article number. Although this negotiated number MAY be
different than the number provided in the MAXARTNUM command, it MUST
either be 0 (zero) when the requested number was 0 (zero), or lie
between 2,147,483,647 and the number provided in the MAXARTNUM command.
§
    [C] STAT 1234567890123456789012345678901234567890 <=== NUMBER
I think the 223 reply should mention the article number (not 0)
Not necessarily. It is just a MAY according to RFC 3977:
  In the response, the article number MUST be replaced with zero,
  unless there is a currently selected newsgroup and the article is
  present in that group, in which case the server MAY use the article's
  number in that group.
and that the term "retrieved" should rather be "selected" since STATI can indeed change "retrieved" to "selected", though RFC 3977 uses the
is a selection command, not a retrieval one.
term "retrieved" for ARTICLE, BODY, HEAD, STAT, LAST and NEXT.
I believe it means "trouvé" in this context, and not "récupéré".
"Xref" header MAY reflect the change too or mention "real" article
number even if it is > mutual MAXARTNUM.
I know we discussed it and understood it was useful to alter the header
field (it is the whole point of not showing article numbers not
supported by a news client). I am unsure it's worth leaving a door open
and saying that an implementation MAY not do that whereas they SHOULD > (Not MUST, but SHOULD.)
My server reply :
[S] 501 Argument not understood; Clive, you can't blame me, I really
did everything I could!
:-)
Ah ah!
You may want to allow the syntax when the connection comes from
localhost or your computer if it helps in debugging :-)
Not necessarily. It is just a MAY according to RFC 3977:
  In the response, the article number MUST be replaced with zero,
  unless there is a currently selected newsgroup and the article is
  present in that group, in which case the server MAY use the article's
  number in that group.
It is RECOMMENDED that server implementations permit configuring the
maximum article number implicitly set at the start of an NNTP session,
whose default MUST be 2,147,483,647 when version 2 of NNTP is
advertised in CAPABILITIES (Section 3.3.2 of [RFC3977]). The default
value MAY be different in future versions of NNTP. This implicit
maximum article number MAY be global to the news server or
configurable at a finer level. For instance, the maximum article
number could be implicitly set to 18,446,744,073,709,551,615 (2^64-1)
for certain users either at the start of the NNTP session or after the
use of a mechanism identifying them (e.g. authentication with
AUTHINFO). Configuring a value greater than this default value SHOULD
be done only for users known to run a news client capable of handling
article numbers up to that configured value.
A server supporting the MAXARTNUM command as defined in this document
will advertise the "MAXARTNUM" capability label in response to the CAPABILITIES command (Section 5.2 of [RFC3977]). However, this
capability MUST NOT be advertised once the MAXARTNUM command has
successfully been executed.
This number MUST NOT have leading zeroes, and MUST NOT be lower than 2,147,483,647 with the exception that a value of 0 (zero) is valid,
which indicates that the server can handle article numbers of any
size.
Additionally, the client MUST NOT issue a MODE READER command after a successful negotiation of the mutual maximum article number with the MAXARTNUM command, and a server MUST NOT advertise the MODE-READER capability.
A server MUST NOT return the MAXARTNUM capability label in response to
a CAPABILITIES command received after a successful use of the
MAXARTNUM command, and a server MUST reply with a 502 response code if
a syntactically valid MAXARTNUM command is received after an already successful use of this command.
§
maximum article number. Although this negotiated number MAY be
different than the number provided in the MAXARTNUM command, it MUST
either be 0 (zero) when the requested number was 0 (zero), or lie
between 2,147,483,647 and the number provided in the MAXARTNUM command.
§
Oops! It is not correct either, because when there is 0 in the MAXARTNUM
command, the server can respond a non-zero number greater than 2,147,483,647,
and of course this number doesn't lie between 2,147,483,647 and 0!
§
maximum article number. Although this negotiated number MAY be
different than the number provided in the MAXARTNUM command, it MUST
respect the following condition: if the number provided in the
MAXARTNUM command was 0 (zero) it MUST be either 0 itself or a
number greater than or equal to 2,147,483,647; otherwise it must lie
between 2,147,483,647 and the number provided in the MAXARTNUM command.
§
This affects the responses to GROUP, LIST ACTIVE, LIST COUNTS, and
LISTGROUP commands.
And usually, after the use of commands like AUTHINFO, COMPRESS, STARTTLS which change something in the connection, they are no longer advertised
in CAPABILITIES.
I don’t think the special case for is 0 is necessary since there is no
such server: the 497-octet limit provides an upper bound even for
So there is a problem for instance with "OVER N-M" where N and M are compounded of 497 digits.
And also in existing responses, as we may have a large article number followed by a Message-ID up to 250 characters itself!
And even in GROUP responses, there may be 3 large article numbers
followed by a newsgroup name. (Is there an upper bound for the length
of a newsgroup name? I do not manage to find it in RFC 3977 or 5536.)
When MODE-READER is advertised, we're in the case of a mode-switching
news server. The same way AUTHINFO, COMPRESS, or STARTTLS forbid advertizing MODE-READER after a successful use of the command, MAXARTNUM
also has to. Negotiated states are not shared between transit and
reading facilities of mode-switching news servers.
From previous discussions, it seemed weird that a news client used
MAXARTNUM twice (or more) with a possible different article number
asked. That's the reason of that paragraph.
I agree it is not mandatory; but without it, it would mean that news
servers have to cope with several changes in the mutual article number,
and possibly answer several times "401 MAXARTNUM", and then again a re-negotiation of MAXARTNUM should occur.
That seems complicated. Whence that paragraph to forbid that.
For newsgroup name, when I look at my code, I see that there is a limit
of 66 characters and that each component must not exceed 14 characters.
I don't know where I got these limits, but one thing is certain, I
didn't impose them on my own. I have to find where I got them ^^
I totaly agree with the fact that a client MUST NOT issue MAXARTNUM more
than once in a session.
CAPABILITIESS< 101 Capability list:
MAXARTNUM 140737488355327S< 202 ok
LIST COUNTSS< 380 authorization required
AUTHINFO USER fooS< 381 pass
AUTHINFO PASS barS< 281 fine
S< 380 authorization required
For SNS, the MAXARTNUM is global, so it won't change after AUTH.AUTHINFO USER fooS< 381 pass
AUTHINFO PASS barS< 281 fine
and authorization may alter the MAXARTNUM limit ...
I'd expect the client to resend CAPABILITIES and MAXARTNUM here (at least if the servers limit did change after auth).
Hi Richard,
It is RECOMMENDED that server implementations permit configuring theThis paragraph seems to add scope for incompatibility between
maximum article number implicitly set at the start of an NNTP session,
whose default MUST be 2,147,483,647 when version 2 of NNTP is
advertised in CAPABILITIES (Section 3.3.2 of [RFC3977]). The default
value MAY be different in future versions of NNTP. This implicit
maximum article number MAY be global to the news server or
configurable at a finer level. For instance, the maximum article
number could be implicitly set to 18,446,744,073,709,551,615 (2^64-1)
for certain users either at the start of the NNTP session or after the
use of a mechanism identifying them (e.g. authentication with
AUTHINFO). Configuring a value greater than this default value SHOULD
be done only for users known to run a news client capable of handling
article numbers up to that configured value.
servers
and clients without any clear benefit.
I propose that paragraph because there's a need not to break existing implementations capable of handling 64-bit article numbers (both
servers and clients).
If a server implements MAXARTNUM, a client which still has not would
suddenly be no longer able to participate in newsgroups where he
previously could!
So here's the need I wish to deal with. In the same way MAXARTNUM is designed not to break existing legacy 32-bit implementations, it
shouldn't break existing 64-bit implementations which went ahead and
are using large article numbers.
I came up with that idea formulated in the above paragraph. Note that
a server that only implements a global parameter for the initial
maximum article number (set to 2^31-1) is compliant!
Do you happen to have another better solution for that need?
A server supporting the MAXARTNUM command as defined in this documentWhy not? Seems like an entirely unnecessary restriction on the
will advertise the "MAXARTNUM" capability label in response to the
CAPABILITIES command (Section 5.2 of [RFC3977]). However, this
capability MUST NOT be advertised once the MAXARTNUM command has
successfully been executed.
server.
The problem I see in going on advertising MAXARTNUM is CAPABILITIES is
that it may be confusing.
The server could advertise "MAXARTNUM N" whereas a value different
than N has been negotiated.
And usually, after the use of commands like AUTHINFO, COMPRESS,
STARTTLS which change something in the connection, they are no longer advertised in CAPABILITIES.
Do you see a drawback in no longer advertising it either?
Nonetheless, your remark about such large article numbers makes me
think about something I overlooked...
From RFC 3977:
Command lines MUST NOT exceed
512 octets, which includes the terminating CRLF pair. The arguments
MUST NOT exceed 497 octets. A server MAY relax these limits for
commands defined in an extension.
The initial line of the response MUST NOT exceed
512 octets, which includes the response code and the terminating CRLF
pair; an extension MAY specify a greater maximum for commands that it
defines, but not for any other command.
So there is a problem for instance with "OVER N-M" where N and M are compounded of 497 digits.
And also in existing responses, as we may have a large article number followed by a Message-ID up to 250 characters itself!
And even in GROUP responses, there may be 3 large article numbers
followed by a newsgroup name. (Is there an upper bound for the length
of a newsgroup name? I do not manage to find it in RFC 3977 or 5536.)
Something should definitively be said about that in the MAXARTNUM extension...
Should we then restrict the maximum length of article numbers to a
precise number, given these requirements?
For version 2 of NNTP, we may for instance take 40 bytes, which is
enough for 2^128 articles. And just say a future version may relax
the current limits in the length of command lines and initial response
lines.
Do you see any other idea to deal with that issue?
Additionally, the client MUST NOT issue a MODE READER command after aThe former I can see, but why forbid advertizing MODE-READER after
successful negotiation of the mutual maximum article number with the
MAXARTNUM command, and a server MUST NOT advertise the MODE-READER
capability.
MAXARTNUM has been negotiated?
When MODE-READER is advertised, we're in the case of a mode-switching
news server. The same way AUTHINFO, COMPRESS, or STARTTLS forbid
advertizing MODE-READER after a successful use of the command,
MAXARTNUM also has to. Negotiated states are not shared between
transit and reading facilities of mode-switching news servers.
A server MUST NOT return the MAXARTNUM capability label in response toWhy?
a CAPABILITIES command received after a successful use of the
MAXARTNUM command, and a server MUST reply with a 502 response code if
a syntactically valid MAXARTNUM command is received after an already
successful use of this command.
From previous discussions, it seemed weird that a news client used
MAXARTNUM twice (or more) with a possible different article number
asked. That's the reason of that paragraph.
Urs Janßen wrote:
[...]
AUTHINFO USER fooS< 381 pass
AUTHINFO PASS barS< 281 fine
and authorization may alter the MAXARTNUM limit ...
I'd expect the client to resend CAPABILITIES and MAXARTNUM here (at least if
the servers limit did change after auth).
For SNS, the MAXARTNUM is global, so it won't change after AUTH.
But if I'm not wrong, a 480 error indicates that a resource is
unavailable at the moment but may become available after authentication.
So perhalps, for other implementations, it can be usefull to reset the
state of MAXARTNUM, thus showing it again in capabilities?
How does such an implementation would look like?After looking at my code and because I was sure to have taken in account
For newsgroup name, when I look at my code, I see that there is a
limit of 66 characters and that each component must not exceed 14
characters.
I don't know where I got these limits, but one thing is certain, I
didn't impose them on my own. I have to find where I got them ^^
I think theses limits where found in an article by David W. Wright, "Guidelines on Usenet Newsgroup Names" (1999).
To date it seems that components may be up to 14, 20 or 30 chars (even
if 14 is recommended). I do not see the 66 chars size limit anymore.
I totaly agree with the fact that a client MUST NOT issue MAXARTNUM more
than once in a session.
as auth requests may pop up "unexpected" like in
S< 200 hello
CAPABILITIESS< 101 Capability list:
S< VERSION 2
S< READER
S< AUTHINFO USER SASL
S< MAXARTNUM 140737488355327
[...]
S< .
MAXARTNUM 140737488355327S< 202 ok
[...]
LIST COUNTSS< 380 authorization required
AUTHINFO USER fooS< 381 pass
AUTHINFO PASS barS< 281 fine
and authorization may alter the MAXARTNUM limit ...
I'd expect the client to resend CAPABILITIES and MAXARTNUM here (at least if the servers limit did change after auth).
So here's the need I wish to deal with. In the same way MAXARTNUM is
designed not to break existing legacy 32-bit implementations, it
shouldn't break existing 64-bit implementations which went ahead and
are using large article numbers.
I came up with that idea formulated in the above paragraph. Note that
a server that only implements a global parameter for the initial
maximum article number (set to 2^31-1) is compliant!
Do you happen to have another better solution for that need?
I do see the problem.
One answer is to say that those servers are out of spec and can continue being out of spec, including the MAXARTNUM spec.
Anyway, I think we shouldn’t impose unnecessary requirements (the RECOMMENDED) on other servers.
My suggestion therefore would be something like:
A server implementation MAY configure a maximum article number for a
connection based on other techniques, for example client
fingerprinting, per-user configuration or server
configuration. Configuring a value greater than the default of
2147483647 SHOULD be done only for clients known to be capable of
handling article numbers up to that configured maximum article number.
A server supporting the MAXARTNUM command as defined in this documentWhy not? Seems like an entirely unnecessary restriction on the
will advertise the "MAXARTNUM" capability label in response to the
CAPABILITIES command (Section 5.2 of [RFC3977]). However, this
capability MUST NOT be advertised once the MAXARTNUM command has
successfully been executed.
server.
The problem I see in going on advertising MAXARTNUM is CAPABILITIES is
that it may be confusing.
The server could advertise "MAXARTNUM N" whereas a value different
than N has been negotiated.
IMO that isn’t very likely, but the inconsistency could be explicitly forbidden if it’s a concern.
And usually, after the use of commands like AUTHINFO, COMPRESS,
STARTTLS which change something in the connection, they are no longer
advertised in CAPABILITIES.
Do you see a drawback in no longer advertising it either?
My suggestion would be to forbid the server from changing its MAXARTNUM advertisement in CAPABILITIES. For example:
A server that does not advertize MAXARTNUM in one CAPABILITIES
response MUST NOT then advertizing it in a subsequent CAPABILITIES
response in the same session without an intervening successful MODE
READER.
A server that advertizes MAXARTNUM in one CAPABILITIES response MUST
NOT remove it, or advertize a different maximum article number, in a
subsequent CAPABILITIES response in the same session without an
intervening successful MODE READER.
Once a MAXARTNUM command has succeeded, a server MAY reply 502 toThe problem with MAY is that it leaves a choice. Both the developers of
all subsequent MAXARTNUM commands.
Command lines MUST NOT exceed
512 octets, which includes the terminating CRLF pair. The arguments
MUST NOT exceed 497 octets. A server MAY relax these limits for
commands defined in an extension.
The initial line of the response MUST NOT exceed
512 octets, which includes the response code and the terminating CRLF
pair; an extension MAY specify a greater maximum for commands that it
defines, but not for any other command.
So there is a problem for instance with "OVER N-M" where N and M are
compounded of 497 digits.
And also in existing responses, as we may have a large article number
followed by a Message-ID up to 250 characters itself!
And even in GROUP responses, there may be 3 large article numbers
followed by a newsgroup name. (Is there an upper bound for the length
of a newsgroup name? I do not manage to find it in RFC 3977 or 5536.)
Something should definitively be said about that in the MAXARTNUM
extension...
Should we then restrict the maximum length of article numbers to a
precise number, given these requirements?
For version 2 of NNTP, we may for instance take 40 bytes, which is
enough for 2^128 articles. And just say a future version may relax
the current limits in the length of command lines and initial response
lines.
Do you see any other idea to deal with that issue?
Article numbers of 2^63 aren’t realistic. Even at a thousand articles
per second it would take hundreds of millions of years to reach such a
large article number. For 128-bit article numbers we’re talking 10^27 years.
So I don’t think we need to worry about these very large
numbers. They’re not happening.
The MAXARTNUM limit is not supposed to change before and after the use
of AUTHINFO. I should probably explicitly say it.
The news server advertises the maximum article number it can handle.
The news client uses MAXARTNUM to inform the news server of the maximum article number it could send.
Both these maximum are not expected to change during an NNTP session. Authentication MAY be needed before using MAXARTNUM if the news server
is configured to, but on no account should it advertise a different
maximum article number.
The part in the specification about authentication is for a possible *implicitly negotiated* different maximum article number, without using MAXARTNUM. For instance to say that Joe can see 2^64-1 articles because
he is using a news client I know is capable of handling them but unfortunately does not implement MAXARTNUM to say it.
Does it sound good to you with these explanations?
I believe something needs being said about the maximum allowed, so as
not to be vague.
And better put a limit corresponding to the "next
step" (2^128) instead of the one we consider in 2022 (2^64).
This way, the problem is closed for version 2 of the protocol. As you
say, it should normally be enough for several years or maybe forever
for the needs of NNTP. (As a side note, future 128-bit processors
will probably treat "long long" as 128-bit integers, and existing implementations built on such architectures may advertise that
length... I don't know how current 256-bit GPU treat "long long".)
I believe something needs being said about the maximum allowed, so as
not to be vague.
Agreed...
And better put a limit corresponding to the "next
step" (2^128) instead of the one we consider in 2022 (2^64).
...but I’m not so sure that a limit around 2^128 is right.
This way, the problem is closed for version 2 of the protocol. As you
say, it should normally be enough for several years or maybe forever
for the needs of NNTP. (As a side note, future 128-bit processors
will probably treat "long long" as 128-bit integers, and existing
implementations built on such architectures may advertise that
length... I don't know how current 256-bit GPU treat "long long".)
I’d note that there is a practical advantage to a 63-bit (or 64-bit)
limit: parsing integers up to 64 bits is straightforward in current C implementations
If article numbers above 64 bits were realistic then this consideration
would be irrelevant. But they aren’t; as such I don’t think we should make life harder for implementors to handle an implausible contingency.
Does it sound good to you with these explanations?
Does it sound good to you with these explanations?
I would like to submit you this first draft about MAXARTNUM, as recently >discussed.
Comments welcome :-)
I believe something needs being said about the maximum allowed, so asAgreed...
not to be vague.
And better put a limit corresponding to the "next...but I’m not so sure that a limit around 2^128 is right.
step" (2^128) instead of the one we consider in 2022 (2^64).
There won't be any "right" value :-(
Unless I am missing something?
If article numbers above 64 bits were realistic then this consideration
would be irrelevant. But they aren’t; as such I don’t think we should
make life harder for implementors to handle an implausible contingency.
Clive explicitly warned us in 2005: https://lists.eyrie.org/pipermail/ietf-nntp/2005-July/005802.html
Firstly, let us learn from the past and *not* call this - or make
it - a "64 bit" facility.
We don't know what the future will be...
I believe something needs being said about the maximum allowed, so asAgreed...
not to be vague.
Honestly, 64 bits is plenty. This isn’t a ‘640k is enough for
anyone’. There will never be a newsgroup with 2^64 articles in it. See
my earlier post.
We don't know what the future will be...
In this case I think we can make an adequate prediction.
I believe something needs being said about the maximum allowed, so as >>>>> not to be vague.Agreed...
OK, we both agree to define a limit.
Honestly, 64 bits is plenty. This isn’t a ‘640k is enough for
anyone’. There will never be a newsgroup with 2^64 articles in it. See
my earlier post.
Yes, I understand.
On second thoughts, I think Clive's point was to have a scalable
capability. That is to say, not define a simple BIGNUM command
without argument saying that the implementation handles 64-bit article numbers, but a command with an explicit article number.
This way, I agree that 2^64 is a good choice for the limit to define
in the MAXARTNUM extension because:
- as you say, it is a tremendously high number for the usage of Usenet
or Netnews in general;
- it is unlikely that there are existing implementations which can
already cope with higher article numbers, and that won't probably be
the cases for years;
- NNTP version 2 enforces limits in the length of command lines and
initial response lines, so we cannot define for now a command
allowing article numbers of an arbitrary size;
- and if after all it appears that Netnews needs higher article
numbers than 2^64-1, then the MAXARTNUM command is already prepared
to handle the case - to be proper, we would then have to standardize
an official NNTP version 3 with a few adjustements to allow greater
limits for commands and responses, and possible other stuff to fit the
usage of Netnews at that future time, and integrate MAXARTNUM in the
core v3 spec.
Sounds good to you?
I'll update the proposal in January with all we came up with during
this discussion.
Thanks again for your valuable input.
Happy Christmas all!
This way, I agree that 2^64 is a good choice for the limit to define in
the MAXARTNUM extension because:
- as you say, it is a tremendously high number for the usage of Usenet
or Netnews in general;
- it is unlikely that there are existing implementations which can
already cope with higher article numbers, and that won't probably be the cases for years;
- NNTP version 2 enforces limits in the length of command lines and
initial response lines, so we cannot define for now a command allowing article numbers of an arbitrary size;
- and if after all it appears that Netnews needs higher article numbers
than 2^64-1, then the MAXARTNUM command is already prepared to handle
the case - to be proper, we would then have to standardize an official
NNTP version 3 with a few adjustements to allow greater limits for
commands and responses, and possible other stuff to fit the usage of
Netnews at that future time, and integrate MAXARTNUM in the core v3 spec.
It sounds like you are looking into the future and considering preparing
INN to support large numbers, which is good news!
So what we do? If I understand correctly, we are removing MAXARTNUM 0?
The maximum article number is a capability of the client which is useful
for the server to know. Is this the only such capability that could exist? If there are others, it might be better to instead define a general CLIENTCAP command with a MAXARTNUM sub-command.
[...]
From RFC 3977:
o Although this specification allows UTF-8 for newsgroup names, they
SHOULD be restricted to US-ASCII until a successor to RFC 1036
[RFC1036] standardises another approach. 8-bit encodings SHOULD
NOT be used because they are likely to cause interoperability
problems.
Until such specifications
are published, implementations SHOULD match newsgroup names octet by
octet. It is anticipated that any approved scheme will be applied
"at the edges", and therefore octet-by-octet comparison will continue
to apply to most, if not all, uses of newsgroup names in NNTP.
If we're going to have only a very few, if any, more general "ENABLE" commands, is it worth the complexification of defining its parsing
instead of just having top-level commands?
ENABLE MAXARTNUM=18446744073709551615 UTF8=ACCEPT NULCHARS=ACCEPT MAXRESPLINES=UNLIMITED
I would prefer simplicity, this means only one feature per command.
S ENABLE MAXARTNUM UTF8 NULCHARS MAXRESPLINES
S .
C ENABLE MAXARTNUM=18446744073709551615
In <AABjtplGZckAAAqY.A3.flnews@WStation7.micha.freeshell.org> on Thu, 05 Jan 2023 10:32:54,
Michael Bäuerle wrote:
I would prefer simplicity, this means only one feature per command.
ACK
S ENABLE MAXARTNUM UTF8 NULCHARS MAXRESPLINES
S .
but now the server does not tell the client it's MAXARTNUM limit anymore
C ENABLE MAXARTNUM=18446744073709551615
and that might be beyond the servers limit of e.g. 2^63-1 and thus
leading to 4xx ...
In our example it could look like:
ENABLE MAXARTNUM UTF8 NULCHARS MAXRESPLINES
MAXARTNUM 18446744073709551615
There is a similar situation for AUTHINFO with SASL in CAPABILITIES:
|
| AUTHINFO USER SASL
| SASL CRAM-MD5 PLAIN
In our example it could look like:
ENABLE MAXARTNUM UTF8 NULCHARS MAXRESPLINES
MAXARTNUM 18446744073709551615
ENABLE MAXARTNUM UTF8 NULCHARS MAXRESPLINES
MAXARTNUM 18446744073709551615
but what's the point in listing MAXARTNUM in ENABLE when it is
announced with its limit anyway (if available)?
If we're going to have only a very few, if any, more general "ENABLE"
commands, is it worth the complexification of defining its parsing
instead of just having top-level commands?
ENABLE MAXARTNUM=18446744073709551615 UTF8=ACCEPT NULCHARS=ACCEPT
MAXRESPLINES=UNLIMITED
There are potential problems if not all of the features are supported
by the server. The command likely will be rejected with an error code,
no feature will be enabled and the client doesn't know which subcommand
was responsible for the problem.
The client has to parse the response
for information or test all features individually.
In theory this should not happen, if the client has parsed CAPABILITIES carefully, but in real world there may be bugs somewhere.
I would prefer simplicity, this means only one feature per command.
But maybe the toplevel command "ENABLE", to enable/negotiate features,
is useful to share the same return codes for all features.
C ENABLE UTF-8=ACCEPT
S 500
This has to be done only once per session and the additional roundtrip
times should be acceptable if the number of features is small.
Urs Janßen wrote:
Michael Bäuerle wrote:
ENABLE MAXARTNUM UTF8 NULCHARS MAXRESPLINES
MAXARTNUM 18446744073709551615
but what's the point in listing MAXARTNUM in ENABLE when it is
announced with its limit anyway (if available)?
Out of consistency, as it is a capability negotiated with the ENABLE
command?
Yet, I agree it is redundant, compared with "ENABLE MAXARTNUM=xxx".
Both the approaches seem to make sense, though.
Michael Bäuerle wrote:
Julien ÉLIE wrote:
If we're going to have only a very few, if any, more general "ENABLE" commands, is it worth the complexification of defining its parsing instead of just having top-level commands?
ENABLE MAXARTNUM=18446744073709551615 UTF8=ACCEPT NULCHARS=ACCEPT MAXRESPLINES=UNLIMITED
There are potential problems if not all of the features are supported
by the server. The command likely will be rejected with an error code,
no feature will be enabled and the client doesn't know which subcommand
was responsible for the problem.
The ENABLE command in IMAP does:
- If the argument is not an extension known to the server, the server
MUST ignore the argument.
- If the argument is an extension known to the server, and it is not
specifically permitted to be enabled using ENABLE, the server MUST
ignore the argument. (Note that knowing about an extension doesn't
necessarily imply supporting that extension.)
- If the argument is an extension that is supported by the server and
that needs to be enabled, the server MUST enable the extension for
the duration of the connection. At present, this applies only to
CONDSTORE ([RFC4551]). Note that once an extension is enabled,
there is no way to disable it.
The ENABLE command can be issued multiple times in a session. It is
additive; i.e., "ENABLE a b", followed by "ENABLE c" is the same as a
single command "ENABLE a b c".
The server MUST NOT change the CAPABILITY list as a result of
executing ENABLE; i.e., a CAPABILITY command issued right after an
ENABLE command MUST list the same capabilities as a CAPABILITY
command issued before the ENABLE command.
For the last point about going on advertising the capability, I am
unsure we should do the same for NNTP, if we use ENABLE. Once the
maximum article number is negotiated, it cannot be changed a second
time, so there's no need in advertising the capability.
The client has to parse the response
for information or test all features individually.
In theory this should not happen, if the client has parsed CAPABILITIES carefully, but in real world there may be bugs somewhere.
I agree that parsing ENABLE commands and results without error will be challenging...
It is far more work than unique commands, one per feature.
Capability list:
[S] ENABLE MAXARTNUM=18446744073709551615 UTF8=NEWSGROUPS,HEADERS
NULCHARS MAXRESPLINES=4096
(or a variant on several lines with individual MAXARTNUM, UTF8 and MAXRESPLINES capabilities - not needed for NULCHARS)
Command:
[C] ENABLE MAXARTNUM=9223372036854775807 UTF8=NEWSGROUPS MAXRESPLINES=2048 [S] 206 UTF8=NEWSGROUPS MAXARTNUM=9223372036854775807 MAXRESPLINES=2048
Responding what has been enabled, without trailing comment.
We may have instead of a 501 syntax error, not giving useful information:
[C] ENABLE MAXARTNUM=badnumber UTF8=NONE MAXRESPLINES=2048
[S] 506 MAXARTNUM UTF8
(new error code to indicate syntax error in recognized commands, listed
after 506, and MAXRESPLINES is not enabled)
Or we can just use 501 without that complexity.
A bit of work...
I would prefer simplicity, this means only one feature per command.
But maybe the toplevel command "ENABLE", to enable/negotiate features,
is useful to share the same return codes for all features.
Defining shared return codes, and enabling all features in only 1
command, may be the only advantages for ENABLE.
I don't know if that's worth the extra work in complexity of coding/debugging/getting it right.
Notably if we end up only having MAXARTNUM as a feature to enable...
C ENABLE UTF-8=ACCEPT
S 500
Might be 503 (feature not supported) in case the extension is unknown
to the server. (500 is for the base command.)
This has to be done only once per session and the additional roundtrip times should be acceptable if the number of features is small.
We already have many roundtrips in sessions like this one, where the
client sends CAPABILITIES several times:
CAPABILITIES (gosh, MODE-READER is advertised)
MODE READER
CAPABILITIES (gosh, there is no argument to AUTHINFO)
STARTTLS
CAPABILITIES (yes, I can now authenticate)
AUTHINFO USER
AUTHINFO PASS
CAPABILITIES (I now have more capabilities available)
COMPRESS DEFLATE
ENABLE MAXARTNUM=18446744073709551615
And now after 10 commands (sic), I can send LIST ACTIVE & co.
Using implicit TLS on port 563, which is the most wide-spread
situation, we have 4 less commands.
Seems reasonable after all to have separate commands (MAXARTNUM, and
other possible future extensions) instead of ENABLE...
We may have instead of a 501 syntax error, not giving useful information:
[C] ENABLE MAXARTNUM=badnumber UTF8=NONE MAXRESPLINES=2048
[S] 506 MAXARTNUM UTF8
(new error code to indicate syntax error in recognized commands, listed
after 506, and MAXRESPLINES is not enabled)
Or we can just use 501 without that complexity.
A bit of work...
Because adoption of new features is already so slow for Usenet, I think
we should look for a simpler solution.
For your server I already have 8 commands even with implicit TLS and
without MODE-READER:
CAPABILITIES
AUTHINFO USER
AUTHINFO PASS
CAPABILITIES
COMPRESS DEFLATE
CAPABILITIES
LIST OVERVIEW.FMT
LIST DISTRIB.PATS
Would be 9 commands with MAXARTNUM.
The capability refresh after COMPRESS may be required because flnews
supports immediate and 480-triggered authentication (the order listed
above is not guaranteed).
| [...], a server MUST either list the AUTHINFO capability with
| no arguments or not advertise it at all, in response to a
| CAPABILITIES command received from an unauthenticated client after a
| successful use of the COMPRESS command, [...]
Michael Bäuerle wrote:
[...]
For your server I already have 8 commands even with implicit TLS and without MODE-READER:
CAPABILITIES
AUTHINFO USER
AUTHINFO PASS
CAPABILITIES
COMPRESS DEFLATE
CAPABILITIES
LIST OVERVIEW.FMT
LIST DISTRIB.PATS
Would be 9 commands with MAXARTNUM.
Oh yes, I had forgotten about these useful generic LIST requests.
When and if flnews supports automatic display of the message of the day
(when changed from a previous session), it will also be another LIST
MOTD command to send...
You may also have generic LIST SUBSCRIPTIONS (only on 1st connection on
a news server probably) so it does not really count,
and LIST HEADERS if
you use HDR commands.
Also wondering whether a news reader couldn't periodically check for new newsgroups and propose them to the user? (with an option like "check
and advertise new newsgroups every XX days", which would refresh the
list and propose new newsgroups from NEWGROUPS or LIST ACTIVE.TIMES
commands, or maybe direct check in LIST ACTIVE because a news server may
not maintain the information)
The capability refresh after COMPRESS may be required because flnews supports immediate and 480-triggered authentication (the order listed
above is not guaranteed).
| [...], a server MUST either list the AUTHINFO capability with
| no arguments or not advertise it at all, in response to a
| CAPABILITIES command received from an unauthenticated client after a
| successful use of the COMPRESS command, [...]
OK, then it would be 9 commands if COMPRESS is sent before AUTHINFO. Otherwise, only 8 commands because sending CAPABILITIES after COMPRESS
when the user is already authenticated is normally not useful, is it?
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 300 |
Nodes: | 16 (2 / 14) |
Uptime: | 72:37:31 |
Calls: | 6,714 |
Calls today: | 2 |
Files: | 12,246 |
Messages: | 5,357,083 |