Browse Prior Art Database

POP3 AUTHentication command (RFC1734)

IP.com Disclosure Number: IPCOM000003983D
Original Publication Date: 1994-Dec-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 4 page(s) / 8K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

J. Myers: AUTHOR

Abstract

This document describes the optional AUTH command, for indicating an authentication mechanism to the server, performing an authentication protocol exchange, and optionally negotiating a protection mechanism for subsequent protocol interactions. The authentication and protection mechanisms used by the POP3 AUTH command are those used by IMAP4.

This text was extracted from a ASCII document.
This is the abbreviated version, containing approximately 35% of the total text.

Network Working Group J. Myers

Request for Comments: 1734 Carnegie Mellon

Category: Standards Track December 1994

POP3 AUTHentication command

Status of this Memo

This document specifies an Internet standards track protocol for the

Internet community, and requests discussion and suggestions for

improvements. Please refer to the current edition of the "Internet

Official Protocol Standards" (STD 1) for the standardization state

and status of this protocol. Distribution of this memo is unlimited.

1. Introduction

This document describes the optional AUTH command, for indicating an

authentication mechanism to the server, performing an authentication

protocol exchange, and optionally negotiating a protection mechanism

for subsequent protocol interactions. The authentication and

protection mechanisms used by the POP3 AUTH command are those used by

IMAP4.

2. The AUTH command

AUTH mechanism

Arguments:

a string identifying an IMAP4 authentication mechanism,

such as defined by [IMAP4-AUTH]. Any use of the string

"imap" used in a server authentication identity in the

definition of an authentication mechanism is replaced with

the string "pop".

Restrictions:

may only be given in the AUTHORIZATION state

Discussion:

The AUTH command indicates an authentication mechanism to

the server. If the server supports the requested

authentication mechanism, it performs an authentication

protocol exchange to authenticate and identify the user.

Optionally, it also negotiates a protection mechanism for

subsequent protocol interactions. If the requested

authentication mechanism is not supported, the server

should reject the AUTH command by sending a negative

response.

The authentication protocol exchange consists of a series

of server challenges and client answers that are specific

to the authentication mechanism. A server challenge,

otherwise known as a ready response, is a line consisting

of a "+" character followed by a single space and a BASE64

encoded string. The client answer consists of a line

containing a BASE64 encoded string. If the client wishes

to cancel an authentication exchange, it should issue a

line with a single "*". If the server receives such an

...