nntp-extensions feedback on draft-ietf-nntpext-dynfeed-00.txt
Joe St Sauver
JOE at oregon.uoregon.edu
Thu Mar 5 14:43:02 CST 1998
>Date: Thu, 05 Mar 1998 14:18:52 -0800
>From: Brian Hernacki <bhern at netscape.com>
>Subject: Re: nntp-extensions feedback on draft-ietf-nntpext-dynfeed-00.txt
>To: Joe St Sauver <JOE at OREGON.UOREGON.EDU>
>Cc: nntp-extensions at academ.com
[deletions]
>> My experience has been that !*,foo.*,bar.* is far less common than
>> patterns like *,!*foo*,!*bar*,!*baz* (with the exclusions most often being
>> targeted at high byte volume groups, foreign language hierarchies, or
>> leaking corporate/local hierarchies)
>
>I'd like to deal with postivie and negative feed control. I realize
>access control is an issue but I think it can be solved pretty neatly
>with what's already in the protocol.
I concur. I really like the approach for this that Highwind takes -- i.e.,
you can create a DefaultAdditionalSubscription that applies AFTER any
site specific subscription, and which serves the purpose of overriding any
evil feed specification a peer might have given to you in a cut and pasteable
feedpsec. For example, you might do:
DefaultAdditionalSubscription !*binaries*,!clari.*
or whatever you ALWAYS want to prevent from going downstream. That provides
"policy insurance" against unanticipated leaks.
Oh yes: ideally speaking, the remote peer would be told if a requested feed
change clashed with the "DefaultAdditionalSubscription" so they don't wonder
why their repeated requests to add clari.* and *binaries* (or whatever) don't
result in any traffic.
Regards,
Joe
More information about the NNTP-extensions
mailing list