Re: WG Last Call: draft-ietf-sasl-scram-02

[Kurt Zeilenga <Kurt.Zeilenga@xxxxxxxxx>]

On Jul 30, 2009, at 10:26 AM, Peter Saint-Andre wrote:

> So I looked at this again. The concept of a "simple username" has  
> always
> been fuzzy to me. It is described in the SASLprep document, RFC  
> 4013. It
> seems to be the localpart, not <localpart>[@<domain>] (at least, all  
> the
> examples in RFC 4013 look like localparts).

No.  Simple here means that none of the allowed characters of a  
username have any special semantics.  That is, there is no concept of  
local part or a domain part or even separator in a simple username.   
The username, to SASLprep, is just a sequence of characters.  This, of  
course, doesn't preclude implementations or deployers from attaching  
additional semantics usernames they use... but such semantics are  
completely outside of SASLprep and mechanisms that use "simple user  
names" as defined by SASLprep.

Maybe when RFC 4013 we can add an examples such as "a;b@c:d".

-- Kurt