RFC Errata
RFC 2384, "POP URL Scheme", August 1998
Source of RFC: Legacy
Errata ID: 2942
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Frank Ellermann
Date Reported: 2011-08-18
Held for Document Update by: Peter Saint-Andre
Date Held: 2011-11-15
Section 7 says:
The URL: <pop://baz;AUTH=SCRAM-MD5@foo.bar> Results in the following client commands: <connect to foo.bar, port 110> S: +OK POP3 server ready <1896.697170952@foo.bar> C: AUTH SCRAM-MD5 AGNocmlzADx0NG40UGFiOUhCMEFtL1FMWEI3MmVnQGVsZW
It should say:
The URL: <pop://baz;AUTH=CRAM-MD5@foo.bar> Results in the following client commands: <connect to foo.bar, port 110> S: +OK POP3 server ready <1896.697170952@foo.bar> C: AUTH CRAM-MD5 AGNocmlzADx0NG40UGFiOUhCMEFtL1FMWEI3MmVnQGVsZW
Notes:
The name of the SASL mechanism based on RFC 2222 when this RFC was published is CRAM-MD5 specified in RFC 2195. This is unrelated to the SCRAM-family of SASL mechanisms specified in RFC 5802. Section 4 in RFC 2384 explains the intended SASL POP mechanism names; notably no "S" to indicate SASL.
VERIFIER NOTE: We could change "SCRAM-MD5" to "CRAM-MD5", but we would need to modify the Base64 at the same time. This should be done through a document update or a separate erratum.