[Docs] [txt|pdf] [Tracker] [Email] [Nits]

Versions: 00 RFC 3206

Internet Draft                                               R. Gellens
Document: draft-gellens-pop-err-00.txt                         QUALCOMM
Expires: 28 August 2000                                28 February 2000


                  The SYS and AUTH POP Response Codes


Status of this Memo:

    This document is an Internet-Draft and is in full conformance with
    all provisions of Section 10 of RFC2026.

    Internet-Drafts are working documents of the Internet Engineering
    Task Force (IETF), its areas, and its working groups.  Note that
    other groups may also distribute working documents as
    Internet-Drafts.

    Internet-Drafts are draft documents valid for a maximum of six
    months and may be updated, replaced, or obsoleted by other documents
    at any time.  It is inappropriate to use Internet- Drafts as
    reference material or to cite them other than as "work in progress."

    The list of current Internet-Drafts can be accessed at
    <http://www.ietf.org/ietf/1id-abstracts.txt>

    The list of Internet-Draft Shadow Directories can be accessed at
    <http://www.ietf.org/shadow.html>.

    A version of this draft document is intended for submission to the
    RFC editor as a Proposed Standard for the Internet Community.
    Discussion and suggestions for improvement are requested.


Copyright Notice

    Copyright (C) The Internet Society 2000.  All Rights Reserved.


















Gellens                   Expires August 2000                   [Page 1]

Internet Draft    The SYS and AUTH POP Response Codes>February 2000

Table of Contents

     1.  Abstract . . . . . . . . . . . . . . . . . . . . . . . . . .  2
     2.  Conventions Used in this Document . . . . . . . . . . . . . . 2
     3.  Comments . . . . . . . . . . . . . . . . . . . . . . . . . .  2
     4.  Background  . . . . . . . . . . . . . . . . . . . . . . . . . 2
     5.  The SYS Response Code  . . . . . . . . . . . . . . . . . . .  3
     6.  The AUTH Response Code  . . . . . . . . . . . . . . . . . . . 3
     7.  The AUTH-RESP-CODE Capability  . . . . . . . . . . . . . . .  4
     8.  References  . . . . . . . . . . . . . . . . . . . . . . . . . 4
     9.  IANA Considerations  . . . . . . . . . . . . . . . . . . . .  5
    10.  Security Considerations . . . . . . . . . . . . . . . . . . . 5
    11.  Author's Address . . . . . . . . . . . . . . . . . . . . . .  5
    12.  Full Copyright Statement  . . . . . . . . . . . . . . . . . . 5


1.  Abstract

    RFC 2449 [POP-EXT] defined extended [POP3] response codes, to give
    clients more information about errors so clients can respond more
    appropriately.  In addition to the mechanism, two initial response
    codes were defined (IN-USE and LOGIN-DELAY), in an attempt to
    differentiate between authentication failures related to user
    credentials, and other errors.

    In practice, these two response codes, while helpful, do not go far
    enough.  This memo proposes two additional response codes:  SYS and
    AUTH, which enable clients to unambiguously determine an optimal
    response to an authentication failure.

    In addition, a new capability (AUTH-RESP-CODE) is defined.


2.  Conventions Used in this Document

    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
    "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
    document are to be interpreted as described in RFC 2119 [KEYWORDS].


3.  Comments

    Public comments should be sent to the IETF POP3 Extensions mailing
    list, <ietf-pop3ext@imc.org>.  To subscribe, send a message
    containing SUBSCRIBE to <ietf-pop3ext-request@imc.org>.  Private
    comments should be sent to the author.


4.  Background





Gellens                   Expires August 2000                   [Page 2]

Internet Draft    The SYS and AUTH POP Response Codes>February 2000

    RFC 2449 [POP3-EXT] introduced the IN-USE and LOGIN-DELAY response
    codes.  The intent is to allow clients to clearly determine the
    underlying cause of a failure in order to respond.  For example,
    clients need to know if the user should be asked for new
    credentials, or if the POP3 session should simply be tried again
    later. (Some deployed POP3 clients attempt to parse the text of
    authentication failure errors, looking for strings known to be
    issued by various servers which indicate the mailbox is locked.)

    IN-USE indicates that an exclusive lock could not be obtained for
    the user's mailbox, probably because another POP3 session is in
    progress.  LOGIN-DELAY informs the client that the user has not
    waited long enough before authenticating again.

    However, there are other error conditions which do not require new
    credentials, some of which should be brought to the user's
    attention.

    Despite the IN-USE and LOGIN-DELAY responses, clients cannot be sure
    if any other error requires new user credentials.


5.  The SYS Response Code

    The SYS response code announces that a failure is due to a system
    error, as opposed to the user's credentials or an external
    condition.  It is hierarchical, with two possible second-level
    codes:  TEMP and PERM. (Case is not significant at any level of the
    hierarchy.)

    SYS/TEMP indicates a problem which is likely to be temporary in
    nature, and therefore there is no need to alarm the user, unless the
    failure persists.  Examples might include a central resource which
    is currently locked or otherwise temporarily unavailable,
    insufficient free disk or memory, etc.

    SYS/PERM is used for problems which are unlikely to be resolved
    without intervention.  It is appropriate to alert the user and
    suggest that the organization's support or assistance personnel be
    contacted.  Examples include corrupted mailboxes, system
    configuration errors, etc.

    The SYS response code is valid with an -ERR response to any command.


6.  The AUTH Response Code

    The AUTH response code informs the client that there is a problem
    with the user's credentials.  This might be an incorrect password,
    an unknown user name, an expired account, an attempt to authenticate
    in violation of policy (such as from an invalid location or during
    an unauthorized time), or some other problem.


Gellens                   Expires August 2000                   [Page 3]

Internet Draft    The SYS and AUTH POP Response Codes>February 2000

    The AUTH response code is valid with an -ERR response to any
    authentication command including AUTH, USER (see note), PASS, or
    APOP.

    Servers which include the AUTH response code with any authentication
    failure SHOULD support the CAPA command [POP3-EXT] and SHOULD
    include the AUTH-RESP-CODE capability in the CAPA response.
    AUTH-RESP-CODE assures the client that only errors with the AUTH
    code are caused by credential problems.


        NOTE:  Returning the AUTH response code to the USER command
        reveals to the client that the specified user exists.  It is
        strongly RECOMMENDED that the server not issue this response
        code to the USER command.


7.  The AUTH-RESP-CODE Capability

    CAPA tag:
        AUTH-RESP-CODE

    Arguments:
        none

    Added commands:
        none

    Standard commands affected:
        none

    Announced states / possible differences:
        both / no

    Commands valid in states:
        n/a

    Specification reference:
        this document

    Discussion:
        The AUTH-RESP-CODE capability indicates that the server includes
        the AUTH response code with any authentication error caused by a
        problem with the user's credentials.


8.  References

    [KEYWORDS] Bradner, "Key words for use in RFCs to Indicate
    Requirement Levels", RFC 2119, Harvard University, March 1997.
    <ftp://ftp.isi.edu/in-notes/rfc2119.txt>



Gellens                   Expires August 2000                   [Page 4]

Internet Draft    The SYS and AUTH POP Response Codes>February 2000

    [POP3] Myers, Rose, "Post Office Protocol -- Version 3", RFC 1939,
    Carnegie Mellon, Dover Beach Consulting, Inc., May 1996.
    <ftp://ftp.isi.edu/in-notes/rfc1939.txt>

    [POP-EXT] Gellens, Newman, Lundblade, "POP3 Extension Mechanism",
    RFC 2449, Qualcomm, Innosoft, Qualcomm, November 1998.
    <ftp://ftp.isi.edu/in-notes/rfc2449.txt>


9.  IANA Considerations

    IANA is requested to add the AUTH-RESP-CODE capability to the list
    of POP3 capabilities (established by RFC 2449 [POP3-EXT]).

    IANA is also requested to add the SYS and AUTH response codes to the
    list of POP3 response codes (also established by RFC 2449
    [POP3-EXT]).


10.  Security Considerations

    Section 3, The AUTH Response Code, discusses the security issues
    related to use of the AUTH response code with the USER command.


11.  Author's Address

   Randall Gellens                    +1 858 651 5115
   QUALCOMM Incorporated              randy@qualcomm.com
   5775 Morehouse Drive
   San Diego, CA  92121-2779
   U.S.A.


12.  Full Copyright Statement

    Copyright (C) The Internet Society 2000.  All Rights Reserved.

    This document and translations of it may be copied and furnished to
    others, and derivative works that comment on or otherwise explain it
    or assist in its implementation may be prepared, copied, published
    and distributed, in whole or in part, without restriction of any
    kind, provided that the above copyright notice and this paragraph
    are included on all such copies and derivative works.  However, this
    document itself may not be modified in any way, such as by removing
    the copyright notice or references to the Internet Society or other
    Internet organizations, except as needed for the purpose of
    developing Internet standards in which case the procedures for
    copyrights defined in the Internet Standards process must be
    followed, or as required to translate it into languages other than
    English.



Gellens                   Expires August 2000                   [Page 5]

Internet Draft    The SYS and AUTH POP Response Codes>February 2000

    The limited permissions granted above are perpetual and will not be
    revoked by the Internet Society or its successors or assigns.

    This document and the information contained herein is provided on an
    "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
    TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
    BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
    HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
    MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.













































Gellens                   Expires August 2000                   [Page 6]


Html markup produced by rfcmarkup 1.107, available from http://tools.ietf.org/tools/rfcmarkup/