Errata Search
RFC Number:		Errata ID:
Source of RFC		Status:	All/Any Verified+Reported Verified Reported Held for Document Update Rejected
Area Acronym:	All/Any app art gen int ops rai rtg sec tsv wit	Type:	All/Any Editorial Technical
WG Acronym:		Submitter Name:
Other:	All/Any IAB INDEPENDENT IRTF Legacy Editorial	Date Submitted:
Summary Table Full Records

RFC 4954, "SMTP Service Extension for Authentication", July 2007

Note: This RFC has been updated by RFC 5248

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: app
See Also: RFC 4954 w/ inline errata

---

Errata ID: 5224
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Bastian Schumacher
Date Reported: 2018-01-02
Verifier Name: Orie Steele
Date Verified: 2024-04-01

Section 4 says:

If the initial
response argument is omitted and the chosen mechanism requires
an initial client response, the server MUST proceed as defined
in Section 5.1 of [SASL]. 

[...]

If use of the initial response
argument would cause the AUTH command to exceed this length,
the client MUST NOT use the initial response parameter (and
instead proceed as defined in Section 5.1 of [SASL]).

It should say:

If the initial
response argument is omitted and the chosen mechanism requires
an initial client response, the server MUST proceed as defined
in Section 5.1 of [RFC 2222]. 

[...]

If use of the initial response
argument would cause the AUTH command to exceed this length,
the client MUST NOT use the initial response parameter (and
instead proceed as defined in Section 5.1 of [RFC 2222]).

Notes:

[SASL] points to RFC 4422 that does not contain a Section 5.1.
So the Original text leads to confusion. The referenced Text can be found in RFC 2222 instead.

Report New Errata