Dismiss
The IQ application will be briefly unavailable on Sunday, March 31st, starting at 10:00am ET. Access will be restored as quickly as possible.
Browse Prior Art Database

Telnet Authentication: SPX (RFC1412)

IP.com Disclosure Number: IPCOM000002238D
Original Publication Date: 1993-Jan-01
Included in the Prior Art Database: 2019-Feb-10
Document File: 4 page(s) / 5K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

K. Alagappan: AUTHOR

Related Documents

10.17487/RFC1412: DOI

Abstract

This memo defines an Experimental Protocol for the Internet community.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Network Working Group K. Alagappan Request for Comments: 1412 Digital Equipment Corporation January 1993

Telnet Authentication: SPX

Status of this Memo

This memo defines an Experimental Protocol for the Internet community. Discussion and suggestions for improvement are requested. Please refer to the current edition of the "IAB Official Protocol Standards" for the standardization state and status of this protocol. Distribution of this memo is unlimited.

1. Command Names and Codes

Authentication Types

SPX 3

Suboption Commands

AUTH 0 REJECT 1 ACCEPT 2

2. Command Meanings

IAC SB AUTHENTICATION IS <authentication-type-pair> AUTH <SPX authentication token> IAC SE

This is used to pass the SPX authentication token to the remote side of the connection. (A document which describes the authentication token syntax is forthcoming.) The first octet of the <authentication-type-pair> value is SPX. The second octet is a modifier to the SPX authentication type.

IAC SB AUTHENTICATION REPLY <authentication-type-pair> ACCEPT <mutual response> IAC SE

This command indicates that the authentication was successful. After an SPX authentication exchange, both sides have securely established a random 8-byte key to be used as the default key for the ENCRYPTION option. If the AUTH_HOW_MUTUAL bit is set in the second octet of the authentication-type-pair, the sender includes the mutual response bytes. The receiver of the ACCEPT command compares the "mutual response" with its expected mutual response.

Telnet Working Group [Page 1]

RFC 1412 SPX for Telnet January 1993

(A document which describes the mutual response syntax is forth coming.) If the AUTH_HOW_ONE_WAY bit is set in the second octet of the authentication-type-pair, the sender includes zero bytes of mutual response.

IAC SB AUTHENTICATION REPLY <authentication-type-pair> REJECT <optional reason for rejection> IAC SE

This command indicates that the authentication was not successful, and if there is any more data in the sub-option, it is an ASCII text message of the reason for the rejection.

3. Implementation Rules

Every command after the first AUTHENTICATION IS must carry the same set of modifiers (e.g., CLIENT|MUTUAL) for subsequent AUTHENTICATION IS and AUTHENTICATION REPLY commands.

If the second octet of the authentication-type-pair has the AUTH_WHO bit set to AUTH_WHO_CLIENT, then the client sends the initial AUTH command, and the server responds with either ACCEPT or REJECT.

If the second octet of the authentication-type-pair has the AUTH_WHO bit set to AUTH_WHO_SERVER, then the server sends the initial AUTH command, and the client responds with either ACCEPT or REJECT.

4. Examples

User "joe" may wish to log in as user "pete" on machine "foo". If "pete" has set things up on "foo" to allow "joe" access to his account, then the client would send IAC SB AUTHENTICATION NAME "pete" IAC SE IAC SB AUTHENTICATION IS SPX AUTH <joe’s spx authentication token> IAC SE. The server would then authenticate the user as "joe" f...

Processing...
Loading...