Re: [kitten] spaces in SASL user names

Chris Newman <chris.newman@oracle.com> Wed, 11 April 2012 16:47 UTC

Date: Wed, 11 Apr 2012 08:48:23 -0700
From: Chris Newman <chris.newman@oracle.com>
To: Peter Saint-Andre <stpeter@stpeter.im>, kitten@ietf.org

--On April 10, 2012 15:48:21 -0600 Peter Saint-Andre <stpeter@stpeter.im> wrote:
> At the PRECIS WG session in Paris, we had quite a discussion about
> spaces in user names. Alexey maintained that this must have been
> included in SASLprep (RFC 4013) for a good reason, but the reason
> wasn't clear to folks in the meeting. So I have a few questions:
>
> 1. Do SASL user names really need to include spaces?

Absolutely yes. My correct name is "Chris Newman" (with a space). A user 
friendly interface would use my correct name. Protocol design should never 
unnecessarily obstruct the creation of user friendly interfaces.

> 2. If SASL user names do *not* need to include spaces, would it be
> fine to re-use the PRECIS NameClass for simple user names in SASL?
>
> 3. If SASL user names *do* need to include spaces, would it be fine to
> define simple user names in SASL as a space-separated list of
> NameClass entities?

I am opposed to changes to the SASL user name ABNF in the mechanisms, with 
RFC 4616 being the simplest example of that ABNF. Given that constraint, I 
have little opinion about how PRECIS is used. So the proposal sounds 
feasible as long as we're not making ABNF changes to the underlying 
protocol.

> Option #3 seems preferable to (a) specifying that the PRECIS NameClass
> needs to include space (to which there was a lot of resistance during
> the PRECIS WG session), (b) enabling folks to superclass PRECIS string
> classes (to which there was also a lot of resistance), or (c) severely
> subclassing the PRECIS FreeClass to be something like NameClass+SP.
>
> Peter
>
> - --
> Peter Saint-Andre
> https://stpeter.im/
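
Added example, not part of the original message or of any SASL implementation: a parser for the RFC 4616 PLAIN message ABNF referred to above, showing that a space in the authcid is already legal on the wire, followed by a check shaped like option #3. The function names are hypothetical, and token_ok is a stand-in, not the PRECIS NameClass.

```python
import unicodedata

# RFC 4616:  message = [authzid] UTF8NUL authcid UTF8NUL passwd
#            authcid = 1*SAFE    ; any UTF-8 encoded character except NUL

def parse_plain(message: bytes):
    """Split a SASL PLAIN message into (authzid, authcid, passwd)."""
    parts = message.split(b"\x00")
    if len(parts) != 3:
        # SAFE excludes NUL, so exactly two separators must be present.
        raise ValueError("expected exactly two NUL separators")
    try:
        authzid, authcid, passwd = (p.decode("utf-8") for p in parts)
    except UnicodeDecodeError as exc:
        raise ValueError("fields must be valid UTF-8") from exc
    if not authcid or not passwd:
        raise ValueError("authcid and passwd must be non-empty")
    return authzid, authcid, passwd

def token_ok(token: str) -> bool:
    """Stand-in per-token rule (assumption): non-empty, no separator,
    control or format characters. The real rule would be NameClass."""
    banned = {"Zs", "Zl", "Zp", "Cc", "Cf"}
    return bool(token) and all(
        unicodedata.category(ch) not in banned for ch in token
    )

def space_separated_ok(authcid: str) -> bool:
    """Option #3 shape: a list of tokens joined by single U+0020.
    Leading, trailing and doubled spaces yield empty tokens and fail."""
    return all(token_ok(tok) for tok in authcid.split(" "))

if __name__ == "__main__":
    # Constructed sample message: empty authzid, user name with a space.
    sample = b"\x00Chris Newman\x00constructed-password"
    authzid, authcid, passwd = parse_plain(sample)
    print(repr(authcid), space_separated_ok(authcid))
```

The wire format is untouched by the second check: it only constrains which authcid strings a profile would accept after parsing.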