Re: [ftpext] Last Call: (File Transfer Protocol HOST Command for Virtual Hosts) to Proposed Standard

Fri, 24 Jun 2011 21:32:08 -0700 

24.06.2011 22:08, Robert McMurray wrote:

Thanks, Mykyta.

Section 3.3 already addresses that scenario in the second paragraph - and the 
server behaviors are exactly what you were suggesting:

    As discussed in section 3 of this document, if a HOST command is sent
    after a user has been authenticated the server SHOULD do one of the
    following:

    a.  Send a 503 reply for an invalid sequence of commands.

    b.  Treat the HOST command as though a REIN command was sent and
        reset the user-PI to the state that existed after the previous
        HOST command was sent and before the user had been authenticated,
        and then return the appropriate reply for the HOST command.
OK, and if HOST is sent for the second time when the user hasn't got authenticated, eg. 

S> 220 Server ready
C> HOST example.com
S> 220 HOST OK
C> HOST example.org
S> ???
I suppose it may be 503 reply or switching to the identified host with 220 reply. This situation isn't mentioned in your document. 

Mykyta Yevstifeyev

Thanks again!

Robert McMurray

-----Original Message-----
From: Mykyta Yevstifeyev [mailto:evniki...@gmail.com]
Sent: Friday, June 24, 2011 9:53 AM
To: ietf@ietf.org; ftp...@ietf.org
Subject: Re: [ftpext] Last Call:<draft-ietf-ftpext2-hosts-02.txt>  (File 
Transfer Protocol HOST Command for Virtual Hosts) to Proposed Standard

Hello,

This document is well written; I'm strongly for its publication on Standards 
Track.  I have an only remark.  This document doesn't seem to mention what is 
the behavior of the server if HOST command is sent after one HOST has already 
been sent.  Eg.

C>  HOST example.com
S>  220 Host OK
C>  USER foo
S>  331 Specify password
C>  PASS bar
S>  230 Logged in
C>  HOST example.org
S>  ????

I suppose the server may treat this as REIN and then switching to specified 
host, if the user is authenticated, and just switch to such host if the user 
isn't already logged in.  Another option is sending 503 reply, as invalid 
sequence of commands.

Thanks,
Mykyta Yevstifeyev





_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Reply via email to