RFC Errata
Found 2 records.
Status: Verified (1)
RFC 2384, "POP URL Scheme", August 1998
Source of RFC: Legacy
Errata ID: 2943
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Frank Ellermann
Date Reported: 2011-08-18
Verifier Name: Peter Saint-Andre
Date Verified: 2011-11-14
Section 7 says:
S: +OK POP3 server ready <1896.697170952@mail.eudora.com> C: APOP rg c4c9334bac560ecc979e58001b3e22fb
It should say:
S: +OK POP3 server ready <1896.697170952@mail.eudora.com> C: APOP rg 8f5de26536bc248ba202a9ca612e71bd
Notes:
If the password for user "rg" is "secret" as in the plain PASS example before this APOP example, then
MD5("<1896.697170952@mail.eudora.com>secret") should be as shown in the corrected text.
The original text is a modification of the APOP example in RFC 1939, and
MD5("<1896.697170952@dbc.mtview.ca.us>tanstaaf") almost certainly will not match any plausible
MD5("<1896.697170952@mail.eudora.com>"||password).
Status: Held for Document Update (1)
RFC 2384, "POP URL Scheme", August 1998
Source of RFC: Legacy
Errata ID: 2942
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Frank Ellermann
Date Reported: 2011-08-18
Held for Document Update by: Peter Saint-Andre
Date Held: 2011-11-15
Section 7 says:
The URL: <pop://baz;AUTH=SCRAM-MD5@foo.bar> Results in the following client commands: <connect to foo.bar, port 110> S: +OK POP3 server ready <1896.697170952@foo.bar> C: AUTH SCRAM-MD5 AGNocmlzADx0NG40UGFiOUhCMEFtL1FMWEI3MmVnQGVsZW
It should say:
The URL: <pop://baz;AUTH=CRAM-MD5@foo.bar> Results in the following client commands: <connect to foo.bar, port 110> S: +OK POP3 server ready <1896.697170952@foo.bar> C: AUTH CRAM-MD5 AGNocmlzADx0NG40UGFiOUhCMEFtL1FMWEI3MmVnQGVsZW
Notes:
The name of the SASL mechanism based on RFC 2222 when this RFC was published is CRAM-MD5 specified in RFC 2195. This is unrelated to the SCRAM-family of SASL mechanisms specified in RFC 5802. Section 4 in RFC 2384 explains the intended SASL POP mechanism names; notably no "S" to indicate SASL.
VERIFIER NOTE: We could change "SCRAM-MD5" to "CRAM-MD5", but we would need to modify the Base64 at the same time. This should be done through a document update or a separate erratum.