Re: Last Call: draft-siemborski-rfc1734bis (POP3 SASL Authentication Mechanism) to Proposed Standard
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Last Call: draft-siemborski-rfc1734bis (POP3 SASL Authentication Mechanism) to Proposed Standard
- To: ietf at ietf.org
- Subject: Re: Last Call: draft-siemborski-rfc1734bis (POP3 SASL Authentication Mechanism) to Proposed Standard
- From: Philip Guenther <guenther+ietf at sendmail.com>
- Date: Wed, 24 Jan 2007 19:29:48 -0700
- Dkim-signature: a=rsa-sha1; c=relaxed/simple; d=sendmail.com; s=tls.dkim; t=1169692192; bh=oP4LgpdKF9bcxtYliIqULf1Nt7M=; h=X-DomainKeys: DomainKey-Signature:Date:From:X-X-Sender:To:Subject:In-Reply-To: Message-ID:References:MIME-Version:Content-Type; b=sLLNVMR/tGULTSet GV0R9C1ZSDOpXT/KsaOsXJV0VvguzKBo6npz5nV0okUDY9MNrERJLWonrpV5HL1yw/O Kd/HHztj7/i2DcvBtShs7ezOsJ1dNx3muz/iqNwo19lQRkRHQ5SAl0vulNazRxyygiw XcwQ8NeHzW5CehWJPXbOk=
- Domainkey-signature: a=rsa-sha1; s=tls; d=sendmail.com; c=nofws; q=dns; h=date:from:x-x-sender:to:subject:in-reply-to:message-id: references:mime-version:content-type; b=uKc0maxpR7es3rVDxwLuG7xRgJMA+TcrXBEQRr/H27dZok0Mem/wENdL63d0YEUZG O/hmqJMWCo1QubZCyNBRuo7pl8MHXuuPYgCw+uDBhaATfPjYLRCiIe8Hlmw+ldC6gUd 0VqJfgU3Uts3unku+oclDhgOOiySFtMem3NsmSA=
- In-reply-to: <E1H9pfy-0002T1-Hx@stiedprstage1.ietf.org>
- List-help: <mailto:ietf-request@ietf.org?subject=help>
- List-id: IETF-Discussion <ietf.ietf.org>
- List-post: <mailto:ietf@ietf.org>
- List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
- List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
- References: <E1H9pfy-0002T1-Hx@stiedprstage1.ietf.org>
On Wed, 24 Jan 2007, The IESG wrote:
The IESG has received a request from an individual submitter to consider
the following document:
- 'POP3 SASL Authentication Mechanism '
<draft-siemborski-rfc1734bis-10.txt> as a Proposed Standard
My apologies to the authors for not commenting on this document earlier.
Both this document and the related draft-siemborski-rfc2554bis discuss how
the client can cancel an authentication exchange by sending a line with a
single "*", but then fail to permit that in the ABNF of what the client
sends. The 'auth-resp' production might have been part of an attempt to
permit that, but it's not referenced or explained. I therefore suggest
dropping the dangling 'auth-resp' line and changing this production:
auth-command = "AUTH" SP sasl-mech [SP (base64 / "=")] *(CRLF
[base64]) CRLF
to something like
auth-command = "AUTH" SP sasl-mech [SP (base64 / "=")]
*(CRLF [base64]) [ CRLF "*" ] CRLF
or better: it should be consistent with the other document,
draft-siemborski-rfc2554bis, and have a production for the initial
response. One for the cancel response would clarify the usage:
auth-command = "AUTH" SP sasl-mech [SP initial-response]
*(CRLF [base64]) [CRLF cancel-response] CRLF
initial-response= base64 / "="
cancel-response = "*"
A similar change should be made to the rfc2554bis draft.
Otherwise, I support the advancement of this document. It's definitely an
improvement over the existing scattering of documents.
Philip Guenther
_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
Note Well: Messages sent to this mailing list are the opinions
of the senders and do not imply endorsement by the IETF.
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
