Dismiss
IP.com applications will be updated on Sunday, March 5, from 11 am to 2 pm ET, to add new functionality and content. You may experience brief service interruptions during this period. We apologize for any inconvenience.
Browse Prior Art Database

The SYS and AUTH POP Response Codes (RFC3206)

IP.com Disclosure Number: IPCOM000006948D
Original Publication Date: 2002-Feb-01
Included in the Prior Art Database: 2002-Feb-12
Document File: 7 page(s) / 10K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

R. Gellens: AUTHOR

Abstract

This memo proposes two response codes: SYS and AUTH, which enable clients to unambiguously determine an optimal response to an authentication failure. In addition, a new capability (AUTH-RESP- CODE) is defined.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 34% of the total text.

Network Working Group                                         R. Gellens

Request for Comments: 3206                                      QUALCOMM

Category: Standards Track                                  February 2002

                  The SYS and AUTH POP Response Codes

Status of this Memo

   This document specifies an Internet standards track protocol for the

   Internet community, and requests discussion and suggestions for

   improvements.  Please refer to the current edition of the "Internet

   Official Protocol Standards" (STD 1) for the standardization state

   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2002).  All Rights Reserved.

Abstract

   This memo proposes two response codes: SYS and AUTH, which enable

   clients to unambiguously determine an optimal response to an

   authentication failure.  In addition, a new capability (AUTH-RESP-

   CODE) is defined.

Table of Contents

    1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . .  2

    2.  Conventions Used in this Document . . . . . . . . . . . . . . 2

    3.  Background   . . . . . . . . . . . . . . . . . . . . . . . .  2

    4.  The SYS Response Code   . . . . . . . . . . . . . . . . . . . 3

    5.  The AUTH Response Code   . . . . . . . . . . . . . . . . . .  3

    6.  The AUTH-RESP-CODE Capability   . . . . . . . . . . . . . . . 4

    7.  IANA Considerations   . . . . . . . . . . . . . . . . . . . . 4

    8.  Security Considerations  . . . . . . . . . . . . . . . . . .  4

    9.  References   . . . . . . . . . . . . . . . . . . . . . . . .  5

   10.  Author's Address  . . . . . . . . . . . . . . . . . . . . . . 5

   11.  Full Copyright Statement   . . . . . . . . . . . . . . . . .  6

Gellens                     Standards Track                     [Page 1]

RFC 3206          The SYS and AUTH POP Response Codes      February 2002

1.  Introduction

   RFC 2449 [POP3-EXT] defined extended [POP3] response codes, to give

   clients more information about errors so clients can respond more

   appropriately.  In addition to the mechanism, two initial response

   codes were defined (IN-USE and LOGIN-DELAY), in an attempt to

   differentiate between authentication failures related to user

   credentials, and other errors.

   In practice, these two response codes, while helpful, do not go far

   enough.  This memo proposes two additional response codes:  SYS and

   AUTH, which enable clients to unambiguously determine an optimal

   response to an authentication failure.

   In addition, a new capability (AUTH-RESP-CODE) is defined.

2.  Conventions Used in this Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",

   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this

   document are to be interpreted as described in RFC 2119 [KEYWORDS].

3.  Background

   RFC 2449 [POP3-EXT] introduced the IN-USE and LOGIN-DELAY response

   codes.  The intent is to allow clients to clearly determine the

   underlying cause of a failure in order to respond.  For example,

   clients need to know if the user should be asked for new credentials,

   or if the POP3 session should simply be tried again later.  (Some

   deployed POP3 clients attempt to parse the text of authentication

   failure errors, looking for strings known to be...