Alexey Melnikov wrote:
Lisa Dusseault wrote:
Ok, so there's already CHECKSCRIPT, which leaves me even more
clueless why ADDSCRIPT would be defined to operate differently while
anonymous, rather than just be disabled.
I probably need to add a bit of history on this:
Originally the document allowed a client to verify a script by
specifying the empty script name in the PUTSCRIPT command. This was a
bit of a hack.
Then somebody suggested to use SASL ANONYMOUS authentication, which is
a special authentication mechanism that tells the server that the user
is effectively unauthenticated.
Then Stephan pointed out that some sysadmins wouldn't want to just let
any client to use their ManageSieve server for script verification (by
allowing SASL ANONYMOUS), but would like to allow authenticated users
to do script verfication. After some discussion with the WG the new
CHECKSCRIPT command was added.
But anyway, now that you've mentioned this, I think there is no point
in having script verification through ANONYMOUS. So I suggest deleting
it.
And I've just found the following comment in my XML source (just before
the paragraph):
<!--cref: Should this paragraph be deleted?-->