[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

digest-md5 realm

To: ietf-sasl@xxxxxxx
Subject: digest-md5 realm
From: Lawrence Greenfield <leg+@xxxxxxxxxxxxxx>
Date: 29 Jul 1999 17:24:37 -0400
List-archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
Sender: owner-ietf-sasl@xxxxxxx

There appears to be a conflict in draft-leach-digest-sasl-03.txt.

In Section 2.1.1, the "realm" is optional and:

  This directive is optional; if not present, the client MUST solicit
  it from the user or have been configured to use a default; a
  plausible default might be the realm supplied by the user when
  they logged in to the client system. Multiple realm directives
  are allowed.

In Section 2.1.2, the "realm" in the response is:
  The realm containing the user's account. It MUST be one of the realms
  from the "digest-challenge", if any were provided. This directive is
  required unless the server did not provide any realms; otherwise, if
  not present, or not one of the ones in the "digest-challenge",
  authentication fails.

This seems to imply that if a realm was not sent with the challenge, a
client need not reply with a realm.

I assume the realm is actually required in the response?

Thanks,
Larry

Follow-Ups:
- Re: digest-md5 realm
  - From: Alexey Melnikov

Prev by Date: Re: SMTP Auth, etc., support
Next by Date: Re: digest-md5 realm
Previous by thread: Re: SMTP Auth, etc., support
Next by thread: Re: digest-md5 realm
Index(es):
- Date
- Thread