[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: sasl PLAIN and netscape communicator

To: tony@xxxxxxx
Subject: Re: sasl PLAIN and netscape communicator
From: Nelson Tang <tang@xxxxxxxxxxx>
Date: Tue, 8 Jun 1999 16:41:56 -0700 (PDT)
Cc: ietf-sasl@xxxxxxx
In-reply-to: <> (message from Tony Hansen on Tue, 08 Jun 1999 16:50:37 -0400)
List-archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
References: <>
Sender: owner-ietf-sasl@xxxxxxx

>  Date: Tue, 08 Jun 1999 16:50:37 -0400
>  From: Tony Hansen <tony@xxxxxxx>
>  
>  The string passed in has an authorization identity but no
>  username.

It's legit.  The specification of the PLAIN SASL mechanism says:

"The client sends the authorization identity (identity to login as),
followed by a US-ASCII NUL character, followed by the authentication
identity (identity whose password will be used), followed by a US-ASCII
NUL character, followed by the clear-text password.  The client may
leave the authorization identity empty to indicate that it is the same
as the authentication identity."

[From www.ietf.org/internet-drafts/draft-newman-tls-imappop-09.txt, page
8, section 6.]

--nelson

~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~
Nelson Tang                                    tang@xxxxxxxxxxx
Internet Research Lab
UCLA Computer Science Deptartment              http://irl.cs.ucla.edu

Follow-Ups:
- Re: sasl PLAIN and netscape communicator
  - From: Tony Hansen
- Re: sasl PLAIN and netscape communicator
  - From: John Gardiner Myers

References:
- sasl PLAIN and netscape communicator
  - From: Tony Hansen

Prev by Date: sasl PLAIN and netscape communicator
Next by Date: Re: sasl PLAIN and netscape communicator
Previous by thread: sasl PLAIN and netscape communicator
Next by thread: Re: sasl PLAIN and netscape communicator
Index(es):
- Date
- Thread