[NNTP] Spaces in usernames and passwords (was: authinfo-02 changes)

Charles Lindsey chl at clerew.man.ac.uk
Thu Sep 2 08:27:01 PDT 2004


In <20040901154955.GN26877 at finch-staff-1.thus.net> "Clive D.W. Feather" <clive at demon.net> writes:

>    A server MAY also act as if the above definitions were replaced by:

>        username = 1*P-CHAR
>        password = 1*P-CHAR

>    (which removes the ambiguity by forbidding white space characters
>    in usernames and passwords).

If it MAY do that, then why not say it SHOULD/MUST do that, and the whole
problem goes away? Yes, that might conflict with normal SASL usage, but is
there particular merit in avoiding such conflict for this particular
protocol?

Possible answer is that it would upset people who have such a
username/password pair that they use with SASL for other protocols (SMTP
perhaps) and they want to use the same one. But if servers MAY restrict as
suggested, then such people have a problem anyway, and either have to
change their username/password or use some other server.

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131 Fax: +44 161 436 6133   Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5



More information about the ietf-nntp mailing list