[NNTP] RFC 4643 user-pass-char question
Julien ÉLIE
julien at trigofacile.com
Thu May 14 14:23:45 PDT 2009
Hi Antti-Juhani,
> NOTE: a server implementation MAY parse AUTHINFO USER and AUTHINFO
> PASS specially so as to allow white space to be used within the
> username or password. Such implementations accept the additional
> syntax (making these two items inconsistent with "token" in Section
> 9.8 of [NNTP]):
>
> user-pass-char =/ SP / TAB
>
> The question I was trying to resolve by reading the grammar was, is it
> permissible (or eve required) for a server to respond with 501 to an AUTHINFO
> USER with a username containing spaces. However, given the above problem, I
> am unable to determine the answer from the document itself.
It is an interesting question, thanks!
I for one reckon it is a pretty good situation to answer 503.
According to RFC 3977:
If the server recognizes the command but
does not provide an optional feature (for example, because it does
not store the required information), or if it only handles a subset
of legitimate cases (see the HDR command, Section 8.5, for an
example), the response code 503 MUST be returned.
Here, AUTHINFO USER/PASS is recognized but does not provide the
"white space" support and only handles a subset of legitimate
users and passwords!
Any comments about that?
--
Julien ÉLIE
« Deux informaticiens discutent vers le 2 janvier :
-- Qu'est ce que tu as pris comme résolution cette année ?
-- 1024 × 768, et toi ? »
More information about the ietf-nntp
mailing list