Dear all, I'm currently looking for how to harmonize http username profile candidate with other framework profiles, especially with saslprepbis. By the way, while I reread the related drafts, I reached to have a question on the examples shown in Section 4.3 of current saslprepbis draft.
+---------------------------------+---------------------------------+ | 8 | <"juliet"@example.com> | Quotation marks (U+0022) in | | | | userpart | +---------------------------------+---------------------------------+ | 9 | <foo [email protected]> | Space (U+0020) in userpart | +---------------------------------+---------------------------------+ | 10| <@example.com> | Zero-length userpart | +---------------------------------+---------------------------------+ The above three examples in the draft are stated invalid as "username"s. However, following the definition of IdentifierClass in the draft-ietf-precis-framework-17, in Section 3.2.1, the "idpoint" rule explicitly includes characters <@> (U+0040) and <"> (U+0022), because IdentifierClass "grandfathers" all ASCII printable characters within U+0021 - U+007E. Thus, the above three examples matches the first rule of the username username = userpart [1*(1*SP userpart)] (with userpart = 1*(idpoint) as a subsidiary rule.) In Example 9, "foo" and "[email protected]" are two userpart components for the username. So, these three examples seems to be valid "username"s. How can I understand this? P.S. If this way of parsing "userpart" component is intended one, the second clause of the username rule userpart '@' domainpart seems to be redundant, because the domainpart domainpart = IP-literal / IPv4address / ifqdn seems to be included in userpart (if my understanding of domainpoint (ifqdn) as a proper subset of idpoint is correct). At least, all valid examples 1 to 7 shown in the saslprepbis draft is accepted by the _first_ clause of username rule, as a single userpart. P.S. Using the saslprepbis examples as inputs, my intention for httpauthprep definition is as follows: examples 1-10 valid, 11 invalid. I'm almost neutral for 12. At least it intends to grandfather all sequences of ASCII character sequences in range U+0020 (SP) - U+007E (~), except those with leading or trailing SPs. -- Yutaka OIWA, Ph.D. Leader, System Life-cycle Research Group Research Institute for Secure Systems (RISEC) National Institute of Advanced Industrial Science and Technology (AIST) Mail addresses: <[email protected]>, <[email protected]> OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D 3139 8677 9BD2 4405 46B5] _______________________________________________ precis mailing list [email protected] https://www.ietf.org/mailman/listinfo/precis
