Hi Yutaka, sorry again for the seriously delayed reply...
On 7/21/14, 7:51 AM, Yutaka OIWA wrote:
Dear all,
I'm currently looking for how to harmonize http username profile candidate
with other framework profiles, especially with saslprepbis.
By the way, while I reread the related drafts,
I reached to have a question on the examples shown in
Section 4.3 of current saslprepbis draft.
+---------------------------------+---------------------------------+
| 8 | <"juliet"@example.com> | Quotation marks (U+0022) in |
| | | userpart |
+---------------------------------+---------------------------------+
| 9 | <foo [email protected]> | Space (U+0020) in userpart |
+---------------------------------+---------------------------------+
| 10| <@example.com> | Zero-length userpart |
+---------------------------------+---------------------------------+
The above three examples in the draft are stated invalid as "username"s.
However, following the definition of IdentifierClass in the
draft-ietf-precis-framework-17, in Section 3.2.1,
the "idpoint" rule explicitly includes characters
<@> (U+0040) and <"> (U+0022), because
IdentifierClass "grandfathers" all ASCII printable
characters within U+0021 - U+007E.
Thus, the above three examples matches the
first rule of the username
username = userpart [1*(1*SP userpart)]
(with
userpart = 1*(idpoint)
as a subsidiary rule.)
In Example 9, "foo" and "[email protected]"
are two userpart components for the username.
So, these three examples seems to be valid "username"s.
How can I understand this?
Your understanding appears to be correct, and saslprepbis appears to be
wrong.
The portions of Examples 9 and 10 before the at-sign violate the
userpart rule, but not the username rule.
P.S.
If this way of parsing "userpart" component is intended one,
the second clause of the username rule
userpart '@' domainpart
seems to be redundant, because the domainpart
domainpart = IP-literal / IPv4address / ifqdn
seems to be included in userpart
(if my understanding of domainpoint (ifqdn) as a proper
subset of idpoint is correct).
At least, all valid examples 1 to 7 shown in the saslprepbis
draft is accepted by the _first_ clause of username rule,
as a single userpart.
P.S.
Using the saslprepbis examples as inputs,
my intention for httpauthprep definition is as follows:
examples 1-10 valid, 11 invalid.
That seems to be correct.
I'm almost neutral for 12.
If HTTPAUTH wants to allow symbols, then it needs to make its own
profile of the PRECIS FreeformClass.
At least it intends to grandfather all sequences of ASCII
character sequences in range U+0020 (SP) - U+007E (~),
except those with leading or trailing SPs.
Agreed.
Peter
--
Peter Saint-Andre
https://andyet.com/
_______________________________________________
precis mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/precis
