RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 2384, "POP URL Scheme", August 1998

Source of RFC: Legacy

Errata ID: 2942
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT

Reported By: Frank Ellermann
Date Reported: 2011-08-18
Held for Document Update by: Peter Saint-Andre
Date Held: 2011-11-15

Section 7 says:

   The URL:

        <pop://baz;AUTH=SCRAM-MD5@foo.bar>

   Results in the following client commands:

        <connect to foo.bar, port 110>

        S: +OK POP3 server ready <1896.697170952@foo.bar>
        C: AUTH SCRAM-MD5 AGNocmlzADx0NG40UGFiOUhCMEFtL1FMWEI3MmVnQGVsZW

It should say:

   The URL:

        <pop://baz;AUTH=CRAM-MD5@foo.bar>

   Results in the following client commands:

        <connect to foo.bar, port 110>

        S: +OK POP3 server ready <1896.697170952@foo.bar>
        C: AUTH CRAM-MD5 AGNocmlzADx0NG40UGFiOUhCMEFtL1FMWEI3MmVnQGVsZW

Notes:

The name of the SASL mechanism based on RFC 2222 when this RFC was published is CRAM-MD5 specified in RFC 2195. This is unrelated to the SCRAM-family of SASL mechanisms specified in RFC 5802. Section 4 in RFC 2384 explains the intended SASL POP mechanism names; notably no "S" to indicate SASL.

VERIFIER NOTE: We could change "SCRAM-MD5" to "CRAM-MD5", but we would need to modify the Base64 at the same time. This should be done through a document update or a separate erratum.

Report New Errata



Advanced Search