[ietf-nntp] authinfo-02 changes

Clive D.W. Feather clive at demon.net
Mon Jul 26 02:28:47 PDT 2004


Ken Murchison said:
> Attached are the changes I just made to the AUTHINFO draft based on 
> comments from the list and those I received privately.  I did a diff 
> against the nroff rather than the generated text, since the nroff isn't 
> subject to changes in page breaks.  Please review and let me know if 
> I've missed anything.

I'm generally happy with this (I've been away for a while, hence the lack
of comments). A few notes and problems:

> @@ -718,12 +724,12 @@
>  
>  authinfo-user-command = "AUTHINFO" WS "USER" WS username
>  authinfo-pass-command = "AUTHINFO" WS "PASS" WS password
> -authinfo-sasl-command = "AUTHINFO" WS "SASL" WS sasl-mech-name
> -      [WS sasl-init-resp]
> +authinfo-sasl-command = "AUTHINFO" WS "SASL" WS mechanism
> +      [WS initial-response]
>  
> -username = 1*P-CHAR
> -password = 1*P-CHAR
> -sasl-init-resp = "=" / base64
> +username = 1*(P-CHAR / SP / TAB)
> +password = 1*(P-CHAR / SP / TAB)
> +initial-response = base64-opt
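
Review bot: the new username and password rules, 1*(P-CHAR / SP / TAB), let the argument begin or end with SP or TAB, or consist of whitespace only, while the separator in front of it in authinfo-user-command is itself WS, so a parser cannot tell where the separator ends and the credential begins. Suggest defining the argument as P-CHAR words separated by WS, and stating in the text whether interior whitespace is significant when the credential is compared. Also, initial-response now refers to base64-opt, which is not defined in this hunk; point to where it is defined.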

This syntax isn't compatible with the general command syntax. Instead,
you want:

   username = user-pass-word *(WS user-pass-word)
   password = user-pass-word *(WS user-pass-word)
   user-pass-word = 1*P-CHAR

This makes it clearer that the username/password can be treated as a string
of words and that no special parsing is needed.

BTW, I've done an ABNF validation of your and my syntax combined, both with
and without this change, and there were no errors. However, I've discovered
a bug in the validator which, when fixed, spotted an error in both our
documents:

    the syntax for "also defined as" is  =/  and NOT  /=

Thus you need to make four changes; the correct forms of the lines are:

    command =/ authinfo-user-command /
    command-continuation =/ authinfo-sasl-continuation
    simple-response-content =/ response-sasl-content
    extension-descriptor =/ authinfo-extension

> -response-x83-content = ("283" / "383") SP sasl-server-chal
> -sasl-server-chal = "=" / base64
> +simple-response-content /= response-sasl-content
> +response-sasl-content = "283" SP base64 / "383" SP base64-opt
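
Review bot: on the added line "simple-response-content /= response-sasl-content" the operator is written /=, but ABNF's incremental-alternatives operator is =/, so the line does not extend the existing rule as intended. Separately, the removed sasl-server-chal allowed "=" after both 283 and 383, while the new rule requires a non-empty base64 after 283; if that narrowing is intended the prose should say so, and parentheses around each alternative would make the grouping explicit.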

Can I be sure I've got this right? A 383 may have an empty base64 string
but a 283 can't (you use 281 instead)? I'm fine with that, and that's what
the current syntax says, but it isn't what the older syntax said.

>  3.4. LIST EXTENSIONS responses
> @@ -761,21 +765,18 @@
>  authinfo-extension = %x41.55.54.48.49.4E.46.4F  ; "AUTHINFO"
>        *(SPA authinfo-extension-arg)
>  authinfo-extension-arg = "USER" /
> -      "SASL:" [sasl-mech-name *("," sasl-mech-name)]
> +      "SASL:" [mechanism *("," mechanism)]
>  .fi
>  .LP
>  3.5. General non-terminals
>  .IP
>  .nf
> -sasl-mech-name = 1*20sasl-mech-char
> -sasl-mech-char = %x41-5A / DIGIT / "-" / "_"
> +mechanism = 1*20mech-char
> +mech-char = UPPER / DIGIT / "-" / "_"
>        ; mechanism names restricted to uppercase letters, 
>        ; digits, "-" and "_"
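
Review bot: in authinfo-extension-arg the quoted strings "USER" and "SASL:" are case-insensitive under ABNF, while mechanism accepts only UPPER, so a single capability argument mixes two case rules. State in the text whether receivers compare mechanism names exactly as sent or fold case first, so that the name advertised in LIST EXTENSIONS and the name accepted by AUTHINFO SASL cannot diverge. UPPER replaces the literal %x41-5A and is not defined in this hunk; reference its definition. The bracketed list after "SASL:" also still permits an empty mechanism list, and its meaning should be documented.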

I'm bothered about this restriction to uppercase. The ABNF syntax says that
"USER" and "SASL" are case-insensitive, and our only other example ("MSGID"
argument to "OVER") is also case-insensitive. The rest of NNTP (e.g. command
names) is also case-insensitive.

Consistency with other extensions says that you should add LOWER to this
list, or even move to A-CHAR, and be case-insensitive.

Incidentally, why *does* LIST EXTENSIONS require uppercase for the initial
word? Do we want to alter this, or is it too risky at this late date?

-- 
Clive D.W. Feather  | Work:  <clive at demon.net>   | Tel:    +44 20 8495 6138
Internet Expert     | Home:  <clive at davros.org>  | Fax:    +44 870 051 9937
Demon Internet      | WWW: http://www.davros.org | Mobile: +44 7973 377646
Thus plc            |                            |
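
The word-based username/password syntax and the uppercase-only mechanism rule discussed in this message, written out as a strict validator. This is an added example, not code from the draft or from either poster. It assumes definitions that are not shown on this page: WS is one or more SP/TAB, P-CHAR is any character other than controls and space, and base64-opt is "=" or a padded base64 string. The name parse_authinfo is hypothetical.

```python
import re

# Assumed definitions (not on this page): WS = 1*(SP / TAB); P-CHAR = any
# character except controls and space; base64-opt = "=" / base64.
WS = r"[ \t]+"
WORD = r"[^\x00-\x20\x7f]+"            # user-pass-word = 1*P-CHAR
WORDS = rf"{WORD}(?:{WS}{WORD})*"      # user-pass-word *(WS user-pass-word)
MECH = r"[A-Z0-9_-]{1,20}"             # mechanism = 1*20mech-char (UPPER only)
B64 = r"(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?"

# Quoted ABNF strings ("AUTHINFO", "USER", ...) are case-insensitive.
USER_PASS = re.compile(rf"AUTHINFO{WS}(USER|PASS){WS}({WORDS})", re.I)
SASL = re.compile(rf"AUTHINFO{WS}SASL{WS}(\S+)(?:{WS}(\S+))?", re.I)


def parse_authinfo(line):
    """Parse one command line (CRLF already removed).

    Returns (kind, argument, initial_response) or raises ValueError.
    """
    m = USER_PASS.fullmatch(line)
    if m:
        # The credential is the run of words exactly as sent; leading or
        # trailing whitespace can never be part of it under this syntax.
        return (m.group(1).upper(), m.group(2), None)
    m = SASL.fullmatch(line)
    if not m:
        raise ValueError("not a well-formed AUTHINFO command")
    mech, init = m.group(1), m.group(2)
    # The mechanism is checked as written, without case folding, so
    # "plain" is rejected under the uppercase-only rule in the diff.
    if not re.fullmatch(MECH, mech):
        raise ValueError("bad mechanism name")
    # "=" stands for an empty initial response; anything else must be
    # well-formed padded base64 before it reaches a decoder.
    if init is not None and init != "=" and not re.fullmatch(B64, init):
        raise ValueError("bad initial response")
    return ("SASL", mech, init)


if __name__ == "__main__":
    # Constructed sample lines, not taken from the draft.
    for sample in ("authinfo user fred bloggs", "AUTHINFO SASL EXTERNAL ="):
        print(parse_authinfo(sample))
```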


