Many clients already support NIP-42 and our relays don’t need anything special, but not all implementations work correctly with all AUTH flows. 

I think most of the problems can be solved by clients correctly implementing the spec as it is today.

The original spec did not include the CLOSED response so we used to send NOTICE/EOSE instead which wasn’t ideal.

With CLOSED, clients know why a REQ was closed and whether it requires AUTH or is prohibited. They can then know which REQs to retry after they complete the AUTH.