Re: remaining DIGEST-MD5 items?
Chris Newman wrote:
> I am opposed to changing the ABNF because the editor has better uses
> for his time that will provide more value to the IETF community
What about the time of readers trying to figure out what chapter 7.2
really means? Or the time of anybody trying to evaluate the "ABNF"?
Just for fun I tried the latter and found the following six problems:
s/server_maxbuf/server-maxbuf/g
s/client_maxbuf/client-maxbuf/g
s/<<channel-type/channel-type/
prep is defined twice, renamed in "step two" to prep2
TEXT was unused, removed
added <CTL> reference from RFC 4234 (while talking about Latin-1
and Unicode it's not more obvious what a <CTL> is)
expanded prose definition of <qdtext>
expanded prose definition of <TEXTCHAR>
expanded all occurrences of 1#element to
    LWSP element *(LWSP "," LWSP [element]) LWSP
Chapter 7.2 suggests that the expansion of 1#element is...
    LWSP element *(LWSP "," LWSP element) LWSP
...but the prose explains that [element] is the idea.
After that I got something passing Bill's parser. The complete
confusing chapter 7.2 could be removed, see below.
Frank
;;; 2.1.1 Step One
digest-challenge = LWSP d-c-e *(LWSP "," LWSP [d-c-e]) LWSP
d-c-e = realm / nonce / qop-options / stale
        / server-maxbuf / charset / prep / algorithm
        / cipher-opts / auth-param
realm = "realm" "=" realm-value
realm-value = quoted-string
nonce = "nonce" "=" nonce-value
nonce-value = quoted-string
        ;; contains data described by "nonce-data"
qop-options = "qop" "=" DQUOTE qop-list DQUOTE
qop-list = LWSP qop-value *(LWSP "," LWSP [qop-value]) LWSP
qop-value = "auth" / "auth-int" / "auth-conf" /
        qop-token
        ;; qop-token is reserved for identifying
        ;; future extensions to DIGEST-MD5
qop-token = token
stale = "stale" "=" "true"
server-maxbuf = "maxbuf" "=" maxbuf-value
maxbuf-value = 1*DIGIT
charset = "charset" "=" "utf-8"
prep = "prep" "=" DQUOTE prep-mechs DQUOTE
prep-mechs = LWSP prep-mech *(LWSP "," LWSP [prep-mech]) LWSP
prep-mech = "rfc4013"
algorithm = "algorithm" "=" "md5-sess"
cipher-opts = "cipher" "=" DQUOTE cipher-list DQUOTE
cipher-list = LWSP cipher-value
        *(LWSP "," LWSP [cipher-value]) LWSP
cipher-value = "rc4-40" / "rc4" / "rc4-56" /
        "aes-ctr" / cipher-token
        ;; cipher-token is reserved for
        ;; new ciphersuites
cipher-token = token
auth-param = token "=" ( token / quoted-string )
nonce-data = new-nonce-data / obs-nonce-data
new-nonce-data = "CB-" channel-type ":" channel-bindings
        ":" qop-list ":" cipher-list
        ":" nonce-octets
obs-nonce-data = nonce-octets
        ;; nonce value as defined in RFC 2831.
        ;; SHOULD be accepted. MUST NOT be
        ;; generated.
channel-type = "TLS" / channel-type-ext
        ;; Should be taken from
        ;; [CHANNEL-BINDINGS].
channel-type-ext = 1*(ALPHA / DIGIT)
        ;; for future channel bindings>>
channel-bindings = 1*TEXTCHAR
        ;; channel binding data as defined by
        ;; the channel type
nonce-octets = 1*TEXTCHAR
;;; 2.1.2 Step Two
digest-response = LWSP d-r-e *(LWSP "," LWSP [d-r-e]) LWSP
d-r-e = username / realm / nonce / cnonce
        / nonce-count / qop / digest-uri / response
        / response-v2 / client-maxbuf / charset
        / prep2 / cipher / authzid / auth-param
username = "username" "=" username-value
username-value = quoted-string
cnonce = "cnonce" "=" cnonce-value
cnonce-value = nonce-value
nonce-count = "nc" "=" nc-value
nc-value = 8LHEX
client-maxbuf = "maxbuf" "=" maxbuf-value
qop = "qop" "=" qop-value
digest-uri = "digest-uri" "="
        DQUOTE digest-uri-value DQUOTE
digest-uri-value = serv-type "/" host [ "/" serv-name ]
serv-type = 1*ALPHA
serv-name = host
prep2 = "prep" "=" prep-mech
response = "response" "=" response-value
response-v2 = "response-v2" "=" response-value
response-value = 32LHEX
LHEX = DIGIT / "a" / "b" /
        "c" / "d" / "e" / "f"
cipher = "cipher" "=" cipher-value
authzid = "authzid" "=" authzid-value
authzid-value = quoted-string
host = IP-literal / IPv4address / reg-name
IP-literal = <see RFC 3986>
IPv4address = <see RFC 3986>
reg-name = <see RFC 3986>
;;; 2.1.2.1 Response-value
password = *OCTET
;;; 2.1.3 Step Three
auth-info = LWSP a-i-e *(LWSP "," LWSP [a-i-e]) LWSP
a-i-e = response-auth / response-v2-auth / auth-param
response-auth = "rspauth" "=" response-value
response-v2-auth = "rspauth-v2" "=" response-value
;;; 7.2 Basic rules
TEXTCHAR = HTAB / %x20-7E / %x80-FF
LWSP = *(WSP / CRLF WSP)
token = 1*TOKENCHAR
BACKSLASH = %x5C
        ; \ character
separators = "(" / ")" / "<" / ">" / "@"
        / "," / ";" / ":" / BACKSLASH / DQUOTE
        / "/" / "[" / "]" / "?" / "="
        / "{" / "}" / SP / HTAB
TOKENCHAR = <any CHAR except CTLs or separators>
quoted-string = DQUOTE qdstr-val DQUOTE
qdstr-val = *( qdtext / quoted-pair )
qdtext = HTAB / %x20-21 / %x23-5B / %x5D-7E / %x80-FF
quoted-pair = BACKSLASH CHAR
;;; imported from RFC 4234
DIGIT = <see RFC 4234> ; 0-9
DQUOTE = <see RFC 4234> ; " (Double Quote)
ALPHA = <see RFC 4234> ; A-Z / a-z
OCTET = <see RFC 4234> ; 8 bits of data
WSP = <see RFC 4234> ; white space
CRLF = <see RFC 4234> ; Internet standard newline
HTAB = %x09
SP = %x20
CHAR = <see RFC 4234> ; any ASCII excluding NUL
CTL = <see RFC 4234> ; %x00-1F / %x7F
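
Added example, not part of the original message or of the draft: a small Python parser for the list rule discussed above, showing that the expansion with [element] accepts a challenge containing ",," while the expansion without the brackets rejects the same bytes, and that commas inside a quoted-string are not list separators. The names parse_list, parse_challenge, unquote and SAMPLE are hypothetical, and the sample challenge is constructed.

```python
import re

# Added illustration: terminals from the posted "7.2 Basic rules" as byte regexes.
TOKEN = rb'[^\x00-\x20\x7f-\xff()<>@,;:\\"/\[\]?={}]+'
QUOTED = rb'"(?:[\t\x20-\x21\x23-\x5b\x5d-\x7e\x80-\xff]|\\[\x01-\x7f])*"'
LWSP = re.compile(rb'(?:[ \t]|\r\n[ \t])*')
PAIR = re.compile(rb'(' + TOKEN + rb')=(' + QUOTED + rb'|' + TOKEN + rb')')


def parse_list(data, element, allow_empty=True):
    """Match LWSP element *(LWSP "," LWSP [element]) LWSP against all of data.

    allow_empty=False drops the brackets (the expansion without [element]).
    Returns the match object of every element found.
    """
    pos = LWSP.match(data).end()
    m = element.match(data, pos)
    if not m:
        raise ValueError("list must start with an element")
    found = []
    while m:
        found.append(m)
        pos = m.end()
        m = None
        while m is None:  # skip separators until the next element or the end
            pos = LWSP.match(data, pos).end()
            if pos == len(data):
                return found
            if data[pos:pos + 1] != b",":
                raise ValueError("expected ',' at offset %d" % pos)
            pos = LWSP.match(data, pos + 1).end()
            m = element.match(data, pos)
            if m is None and not allow_empty:
                raise ValueError("empty element at offset %d" % pos)


def unquote(value):
    """Strip DQUOTEs and resolve quoted-pairs; tokens pass through unchanged."""
    if value[:1] != b'"':
        return value
    return re.sub(rb'\\([\x01-\x7f])', rb'\1', value[1:-1])


def parse_challenge(data, allow_empty=True):
    """Parse a digest-challenge into (name, value) pairs; names may repeat."""
    return [(m.group(1).decode("ascii").lower(), unquote(m.group(2)))
            for m in parse_list(data, PAIR, allow_empty)]


# Constructed sample: comma inside a quoted realm, plus an empty element (",,").
SAMPLE = b'realm="example,corp", nonce="OA6MG9tEQGm2hh",, qop="auth, auth-conf",charset=utf-8'
```

The same parse_list also handles the nested qop-list and cipher-list when called with re.compile(TOKEN) as the element. Two implementations that pick different expansions will disagree on whether SAMPLE is a valid challenge.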