On Fri, 2007-11-09 at 09:43 -0800, Dan Karp wrote: > I think that we're unnecessarily complicating a fundamentally simple > idea. Why not just have ENABLE fail unless all the requested > capabilities are implemented and enable-able? This would generally > require waiting until after authentication to call ENABLE, but I'm not > even sure why it's ever useful in the NOT AUTHENTICATED state... I'd really like if it worked only after authentication. I think NOT AUTHENTICATED state should be as simple as possible. The user is still untrusted at that point, so the less features server needs to worry about at that point, the less chances there are for bugs/security holes.
Description: This is a digitally signed message part