this is a german Web-Mirror of MHONARC.ORG powered by Domainunion AG

ietf-smtp
[Top] [All Lists]

Re: line lengths for AUTH

2006-12-11 03:32:23

Frank Ellermann wrote:

Alexey Melnikov wrote:
I guess the document can specify an absolute minimum and allow
implementations to support bigger line lengths.
For an example see RFC 3461 chapter 5.4.  Anything over the RFC
2821 limit 512 is documented resulting in a limit 1036 for DSN.
There is already some text in the document about the AUTH parameter length limit, as well as about the authentication exchange line length limit.

This can get rather long for the various DIGEST-MD5 parameters,
especially realm, nonce, cnonce, user, auth-"uri", and authzid.
DIGEST-MD5 limits each step of authentication exchange to 2048 bytes.

Plus parameters with smaller limits, algorithm, qop, nc, digest,
stale, maxbuf, charset, prep, and cipher-opts, depending on the
chosen DIGEST-MD5 variant.  The example in RFC 4643 is:

[C] dXNlcm5hbWU9InRlc3QiLHJlYWxtPSJlYWdsZS5vY2VhbmEuY29tIixub25j
   ZT0ic2F5QU9oQ0VLR0lkUE1IQzB3dGxlTHFPSWNPSTJ3UVlJZTR6emVBdHVp
   UT0iLGNub25jZT0iMFkzSlFWMlRnOVNjRGlwK08xU1ZDMHJoVmcvLytkbk9J
   aUd6LzdDZU5KOD0iLG5jPTAwMDAwMDAxLHFvcD1hdXRoLWNvbmYsY2lwaGVy
   PXJjNCxtYXhidWY9MTAyNCxkaWdlc3QtdXJpPSJubnRwL2xvY2FsaG9zdCIs
   cmVzcG9uc2U9ZDQzY2Y2NmNmZmE5MDNmOWViMDM1NmMwOGEzZGIwZjI=

356 chars. for short values like nntp/localhost and a simple realm.