Re: [kitten] spaces in SASL user names

William Mills <wmills@yahoo-inc.com> Mon, 16 April 2012 15:03 UTC

Return-Path: <wmills@yahoo-inc.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 983E511E8073 for <kitten@ietfa.amsl.com>; Mon, 16 Apr 2012 08:03:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.285
X-Spam-Level:
X-Spam-Status: No, score=-16.285 tagged_above=-999 required=5 tests=[AWL=-0.546, BAYES_20=-0.74, HTML_MESSAGE=0.001, USER_IN_DEF_WHITELIST=-15]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4WeRwUTD4V55 for <kitten@ietfa.amsl.com>; Mon, 16 Apr 2012 08:03:53 -0700 (PDT)
Received: from nm33-vm7.bullet.mail.bf1.yahoo.com (nm33-vm7.bullet.mail.bf1.yahoo.com [72.30.239.207]) by ietfa.amsl.com (Postfix) with SMTP id 7EC8E11E8072 for <kitten@ietf.org>; Mon, 16 Apr 2012 08:03:53 -0700 (PDT)
Received: from [98.139.212.153] by nm33.bullet.mail.bf1.yahoo.com with NNFMP; 16 Apr 2012 15:03:52 -0000
Received: from [98.139.215.252] by tm10.bullet.mail.bf1.yahoo.com with NNFMP; 16 Apr 2012 15:03:52 -0000
Received: from [127.0.0.1] by omp1065.mail.bf1.yahoo.com with NNFMP; 16 Apr 2012 15:03:52 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 933460.84185.bm@omp1065.mail.bf1.yahoo.com
Received: (qmail 10184 invoked by uid 60001); 16 Apr 2012 15:03:52 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo-inc.com; s=ginc1024; t=1334588632; bh=H44kSY8xO7+X8vd8LsO9L4X2AlT2bxHbvkSABB3znlo=; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=islPnOKRr+VWvb+w3rYc2LcbXgrjakCEPEunC+8Sicp6Jlr1Lpg6yVy4+7h8rKTGT5Wfj2yZ5BG+AmkaMi9qdXIIr4OreBTyM4Y9VxgJ2Vtbtbtvo4TDDIBNulrrnpkk1aTWWYIf3iRhGCwRBMqhuZzfMgGtc9ddBPG3P2LVMKU=
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=ginc1024; d=yahoo-inc.com; h=X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type; b=TVV3oE2QbiID26lkszM9WF8GmC4KZ+2EHoM6xIfTaotXsBzoB+RfUz1HwJvflna9OFp2lWBNxeWvCRyYNscyv7xQr8yE8C01e29zGR6vpdgmpOZwpmjisQjx6CwNsARG0BqAYpEBvb5bx5gL7r7YMGQAd6g/FfdgzreQrmDS0Ro=;
X-YMail-OSG: .bymN44VM1k0DsX4DbfVGP7Bl7mPnmXav49Zron9dC5CZds bsvLpxAFSUIqkmfXgIsgX_krY9alDbUy28IVYL2rUkTgMWWUDsS32GFwiytZ BCb2WV.9JVnp1nKy1UFndqkMiteMsPI8SKLHz1IBEuFZ6rOBiOqIL1eKI_y6 kxMsYL11e95Ic6gBxeacaNDdBBMGBJ8Uv138QlofkkuI5LrnraIoKbmK3gGL Z99EVY5e1wDRNHDpTbn6uGfq_QWoOwgAqcGVCeMH3507DB.K_k5KRktM0OOz W1pXIL7xuBjHCvpE0MJozlDYLHWTgJ8JsyhyoYJEcTRobndscbespbPSanu_ vrJbmLQb0Yltb3LW_f1dNhlXM8.8C0vP30hnRr0gIkmAQi2HCCdH3ygMqIn4 q4GuKUZqt6syK45e0UDTwgUHYgMGm
Received: from [99.31.212.42] by web31804.mail.mud.yahoo.com via HTTP; Mon, 16 Apr 2012 08:03:52 PDT
X-RocketYMMF: william_john_mills
X-Mailer: YahooMailWebService/0.8.118.349524
References: <4F84AAA5.3030104@stpeter.im> <4ED1D634F0E26CDC51B61127@[192.168.15.131]> <4F85C4EE.2020901@stpeter.im> <4F89AB89.8050303@isode.com>
Message-ID: <1334588632.6583.YahooMailNeo@web31804.mail.mud.yahoo.com>
Date: Mon, 16 Apr 2012 08:03:52 -0700 (PDT)
From: William Mills <wmills@yahoo-inc.com>
To: Alexey Melnikov <alexey.melnikov@isode.com>, Peter Saint-Andre <stpeter@stpeter.im>
In-Reply-To: <4F89AB89.8050303@isode.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="835683298-1207081084-1334588632=:6583"
Cc: "kitten@ietf.org" <kitten@ietf.org>
Subject: Re: [kitten] spaces in SASL user names
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: William Mills <wmills@yahoo-inc.com>
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Apr 2012 15:03:54 -0000

It should be noted that SMTP allows "domain specific usernames" with an extremely broad syntax that includes spaces.




>________________________________
> From: Alexey Melnikov <alexey.melnikov@isode.com>
>To: Peter Saint-Andre <stpeter@stpeter.im> 
>Cc: kitten@ietf.org 
>Sent: Saturday, April 14, 2012 9:53 AM
>Subject: Re: [kitten] spaces in SASL user names
> 
>On 11/04/2012 18:52, Peter Saint-Andre wrote:
>> On 4/11/12 9:48 AM, Chris Newman wrote:
>>> --On April 10, 2012 15:48:21 -0600 Peter Saint-Andre
>>> <stpeter@stpeter.im>  wrote: At the PRECIS WG session in Paris, we
>>> had quite a discussion about spaces in user names. Alexey
>>> maintained that this must have been included in SASLprep (RFC 4013)
>>> for a good reason, but the reason wasn't clear to folks in the
>>> meeting. So I have a few questions:
>>>
>>> 1. Do SASL user names really need to include spaces?
>>>
>>>> Absolutely yes. My correct name is "Chris Newman" (with a space).
>>>> A user friendly interface would use my correct name. Protocol
>>>> design should never unnecessarily obstruct the creation of user
>>>> friendly interfaces.
>>> 2. If SASL user names do *not* need to include spaces, would it be
>>> fine to re-use the PRECIS NameClass for simple user names in SASL?
>>>
>>> 3. If SASL user names *do* need to include spaces, would it be fine
>>> to define simple user names in SASL as a space-separated list of
>>> NameClass entities?
>>>
>>>> I am opposed to changing to the SASL user name ABNF in the
>>>> mechanisms, with RFC 4616 being the simplest example of that
>>>> ABNF. Given that constraint, I have little opinion about how
>>>> PRECIS is used. So the proposal sounds feasible as long as we're
>>>> not making ABNF changes to the underlying protocol.
>> The document that Alexey and I are working on will not override the
>> ABNF in any given mechanism spec (e.g., RFC 4616). However, we'll
>> probably want to look at how this work interacts with existing
>> mechanisms (e.g., would we need to update those mechanism specs to use
>> the PRECIS approach instead of the stringprep approach?).
>Yes. But hopefully several SASL mechanisms can be updated by a single 
>document.
>
>_______________________________________________
>Kitten mailing list
>Kitten@ietf.org
>https://www.ietf.org/mailman/listinfo/kitten
>
>
>