On Fri, 25 Jan 2008, Bill Janssen wrote:
> The example given in
> RFC 2595, which is not for IMAP, illustrates a PLAIN exchange thusly:
> C: a003 AUTHENTICATE "PLAIN" {21+}
> C: <NUL>tim<NUL>tanstaaftanstaaf
> That is, it's one message, giving two parameters, "PLAIN" and the
> authentication information.
It is a mistake to assume that an example for ACAP has any relationship to
IMAP. It does not.
The other, more basic, mistake is in using to obsolete documents.
Please refer to:
RFC 3501 documentation on the syntax of the AUTHENTICATE
command in IMAP
RFC 4422 documentation of the SASL framework
RFC 4616 documentation of the PLAIN extension
RFC 4959 documentation of the SASL-IR extension in IMAP
Within the framework of SASL (RFC 4422), there is an identification of the
mechansim and a challenge/response exchange. Depending upon the
mechanism, the challenge/response exchange may start with a challenge or a
response.
The protocol used determines the syntax by how this works; thus the
determination of the syntax of SASL in IMAP is by IMAP (RFC 3501). IMAP
assumes an initial server challenge, so with a mechanism such as PLAIN
(RFC 4616) that requires an initial client response, the server MUST send
an empty initial server challenge in response to an AUTHENTICATE PLAIN
command in IMAP.
Last, and absolutely least, RFC 4959 details a way that the initial
response can be sent in the AUTHENTICATE command IF, AND ONLY IF, the
server allows that facility. Note that the client is under no obligation
to use that facility even if the server allows it.
-- Mark --
http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.