
Realms (DIGEST-MD5 and otherwise)



Hi,

I've been thinking about multiple realms on servers a lot lately, and
it would simplify implementations as well as users if we can impose
some rules on valid realm strings.

I would propose that realms be DNS-style and should be in all
uppercase letters (and implementations may be free to uppercase realms
for the user).  This follows the conventions of Kerberos.  Allowing
any arbitrary, case-sensitive string that users might have to type in
is especially annoying.

Allowing @'s in realms is especially confusing, since it makes it
hard for a server to refer to a user as user@REALM.

Could we add this restriction to DIGEST-MD5 and propose it as a
guideline for future mechanisms?

Larry
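
An added example, not part of the original message: one way a server could apply the restrictions proposed above, and why an '@' inside a realm makes user@REALM ambiguous. It assumes "DNS-style" means dot-separated letter/digit/hyphen labels within the usual DNS length limits; all function names are hypothetical.

```python
import re

# Assumption: "DNS-style" is read as dot-separated letter/digit/hyphen labels,
# 1-63 characters each and 255 characters overall (the usual DNS name limits).
_LABEL = re.compile(r"[A-Z0-9](?:[A-Z0-9-]{0,61}[A-Z0-9])?")


def normalize_realm(realm):
    """Uppercase a realm for the user, then enforce the proposed restrictions."""
    candidate = realm.strip().upper()
    if "@" in candidate:
        raise ValueError("realm must not contain '@'")
    if not candidate.isascii() or not 1 <= len(candidate) <= 255:
        raise ValueError("realm must be 1-255 ASCII characters")
    for label in candidate.split("."):
        if not _LABEL.fullmatch(label):
            raise ValueError(f"not a DNS-style label: {label!r}")
    return candidate


def split_principal(principal):
    """Split user@REALM at the last '@'; safe because realms cannot contain one."""
    user, sep, realm = principal.rpartition("@")
    if not sep or not user:
        raise ValueError("expected user@REALM")
    return user, normalize_realm(realm)


def ambiguous_splits(principal):
    """Every (user, realm) reading of a string if '@' were allowed in realms."""
    parts = principal.split("@")
    return [("@".join(parts[:i]), "@".join(parts[i:])) for i in range(1, len(parts))]


if __name__ == "__main__":
    # Constructed sample inputs.
    print(split_principal("larry@example.com"))        # realm uppercased for the user
    print(ambiguous_splits("larry@sales@example.com"))  # two possible readings
```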