aboutsummaryrefslogtreecommitdiffstats
path: root/RFC/rfc1734.txt
diff options
context:
space:
mode:
Diffstat (limited to 'RFC/rfc1734.txt')
-rw-r--r--RFC/rfc1734.txt283
1 files changed, 0 insertions, 283 deletions
diff --git a/RFC/rfc1734.txt b/RFC/rfc1734.txt
deleted file mode 100644
index f37f29e0..00000000
--- a/RFC/rfc1734.txt
+++ /dev/null
@@ -1,283 +0,0 @@
-
-
-
-
-
-
-Network Working Group J. Myers
-Request for Comments: 1734 Carnegie Mellon
-Category: Standards Track December 1994
-
-
- POP3 AUTHentication command
-
-Status of this Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
-
-1. Introduction
-
- This document describes the optional AUTH command, for indicating an
- authentication mechanism to the server, performing an authentication
- protocol exchange, and optionally negotiating a protection mechanism
- for subsequent protocol interactions. The authentication and
- protection mechanisms used by the POP3 AUTH command are those used by
- IMAP4.
-
-
-2. The AUTH command
-
- AUTH mechanism
-
- Arguments:
- a string identifying an IMAP4 authentication mechanism,
- such as defined by [IMAP4-AUTH]. Any use of the string
- "imap" used in a server authentication identity in the
- definition of an authentication mechanism is replaced with
- the string "pop".
-
- Restrictions:
- may only be given in the AUTHORIZATION state
-
- Discussion:
- The AUTH command indicates an authentication mechanism to
- the server. If the server supports the requested
- authentication mechanism, it performs an authentication
- protocol exchange to authenticate and identify the user.
- Optionally, it also negotiates a protection mechanism for
- subsequent protocol interactions. If the requested
- authentication mechanism is not supported, the server
-
-
-
-Myers [Page 1]
-
-RFC 1734 POP3 AUTH December 1994
-
-
- should reject the AUTH command by sending a negative
- response.
-
- The authentication protocol exchange consists of a series
- of server challenges and client answers that are specific
- to the authentication mechanism. A server challenge,
- otherwise known as a ready response, is a line consisting
- of a "+" character followed by a single space and a BASE64
- encoded string. The client answer consists of a line
- containing a BASE64 encoded string. If the client wishes
- to cancel an authentication exchange, it should issue a
- line with a single "*". If the server receives such an
- answer, it must reject the AUTH command by sending a
- negative response.
-
- A protection mechanism provides integrity and privacy
- protection to the protocol session. If a protection
- mechanism is negotiated, it is applied to all subsequent
- data sent over the connection. The protection mechanism
- takes effect immediately following the CRLF that concludes
- the authentication exchange for the client, and the CRLF of
- the positive response for the server. Once the protection
- mechanism is in effect, the stream of command and response
- octets is processed into buffers of ciphertext. Each
- buffer is transferred over the connection as a stream of
- octets prepended with a four octet field in network byte
- order that represents the length of the following data.
- The maximum ciphertext buffer length is defined by the
- protection mechanism.
-
- The server is not required to support any particular
- authentication mechanism, nor are authentication mechanisms
- required to support any protection mechanisms. If an AUTH
- command fails with a negative response, the session remains
- in the AUTHORIZATION state and client may try another
- authentication mechanism by issuing another AUTH command,
- or may attempt to authenticate by using the USER/PASS or
- APOP commands. In other words, the client may request
- authentication types in decreasing order of preference,
- with the USER/PASS or APOP command as a last resort.
-
- Should the client successfully complete the authentication
- exchange, the POP3 server issues a positive response and
- the POP3 session enters the TRANSACTION state.
-
- Possible Responses:
- +OK maildrop locked and ready
- -ERR authentication exchange failed
-
-
-
-Myers [Page 2]
-
-RFC 1734 POP3 AUTH December 1994
-
-
-
- Examples:
- S: +OK POP3 server ready
- C: AUTH KERBEROS_V4
- S: + AmFYig==
- C: BAcAQU5EUkVXLkNNVS5FRFUAOCAsho84kLN3/IJmrMG+25a4DT
- +nZImJjnTNHJUtxAA+o0KPKfHEcAFs9a3CL5Oebe/ydHJUwYFd
- WwuQ1MWiy6IesKvjL5rL9WjXUb9MwT9bpObYLGOKi1Qh
- S: + or//EoAADZI=
- C: DiAF5A4gA+oOIALuBkAAmw==
- S: +OK Kerberos V4 authentication successful
- ...
- C: AUTH FOOBAR
- S: -ERR Unrecognized authentication type
-
- Note: the line breaks in the first client answer are
- for editorial clarity and are not in real authentica-
- tors.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Myers [Page 3]
-
-RFC 1734 POP3 AUTH December 1994
-
-
-3. Formal Syntax
-
- The following syntax specification uses the augmented Backus-Naur
- Form (BNF) notation as specified in RFC 822.
-
- Except as noted otherwise, all alphabetic characters are case-
- insensitive. The use of upper or lower case characters to define
- token strings is for editorial clarity only. Implementations MUST
- accept these strings in a case-insensitive fashion.
-
- ATOM_CHAR ::= <any CHAR except atom_specials>
-
- atom_specials ::= "(" / ")" / "{" / SPACE / CTLs / "%" / "*" /
- <"> / "\"
-
- auth ::= "AUTH" 1*(SPACE / TAB) auth_type *(CRLF base64)
- CRLF
-
- auth_type ::= 1*ATOM_CHAR
-
- base64 ::= *(4base64_CHAR) [base64_terminal]
-
- base64_char ::= "A" / "B" / "C" / "D" / "E" / "F" / "G" / "H" /
- "I" / "J" / "K" / "L" / "M" / "N" / "O" / "P" /
- "Q" / "R" / "S" / "T" / "U" / "V" / "W" / "X" /
- "Y" / "Z" /
- "a" / "b" / "c" / "d" / "e" / "f" / "g" / "h" /
- "i" / "j" / "k" / "l" / "m" / "n" / "o" / "p" /
- "q" / "r" / "s" / "t" / "u" / "v" / "w" / "x" /
- "y" / "z" /
- "0" / "1" / "2" / "3" / "4" / "5" / "6" / "7" /
- "8" / "9" / "+" / "/"
- ;; Case-sensitive
-
- base64_terminal ::= (2base64_char "==") / (3base64_char "=")
-
- CHAR ::= <any 7-bit US-ASCII character except NUL,
- 0x01 - 0x7f>
-
- continue_req ::= "+" SPACE base64 CRLF
-
- CR ::= <ASCII CR, carriage return, 0x0C>
-
- CRLF ::= CR LF
-
- CTL ::= <any ASCII control character and DEL,
- 0x00 - 0x1f, 0x7f>
-
-
-
-
-Myers [Page 4]
-
-RFC 1734 POP3 AUTH December 1994
-
-
- LF ::= <ASCII LF, line feed, 0x0A>
-
- SPACE ::= <ASCII SP, space, 0x20>
-
- TAB ::= <ASCII HT, tab, 0x09>
-
-
-
-4. References
-
- [IMAP4-AUTH] Myers, J., "IMAP4 Authentication Mechanisms", RFC 1731,
- Carnegie Mellon, December 1994.
-
-
-
-5. Security Considerations
-
- Security issues are discussed throughout this memo.
-
-
-
-6. Author's Address
-
- John G. Myers
- Carnegie-Mellon University
- 5000 Forbes Ave
- Pittsburgh, PA 15213
-
- EMail: jgm+@cmu.edu
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Myers [Page 5]
-