会员注册 | 登录 | 微信快捷登录 支付宝快捷登录 QQ登录 微博登录 | 帮助中心 人人文库renrendoc.com美如初恋!
站内搜索 百度文库

热门搜索: 直缝焊接机 矿井提升机 循环球式转向器图纸 机器人手爪发展史 管道机器人dwg 动平衡试验台设计

   首页 人人文库网 > 资源分类 > DOC文档下载

外文翻译--SMTP服务扩展的认证机制.doc

  • 资源星级:
  • 资源大小:61.50KB   全文页数:16页
  • 资源格式: DOC        下载权限:注册会员/VIP会员
您还没有登陆,请先登录。登陆后即可下载此文档。
  合作网站登录: 微信快捷登录 支付宝快捷登录   QQ登录   微博登录
友情提示
2:本站资源不支持迅雷下载,请使用浏览器直接下载(不支持QQ浏览器)
3:本站资源下载后的文档和图纸-无水印,预览文档经过压缩,下载后原文更清晰   

外文翻译--SMTP服务扩展的认证机制.doc

外文文献原文SMTPServiceExtensionforAuthenticationThisdocumentspecifiesanInternetstandardstrackprotocolfortheInternetcommunity,andrequestsdiscussionandsuggestionsforimprovements.PleaserefertothecurrenteditionoftheInternetOfficialProtocolStandardsSTD1forthestandardizationstateandstatusofthisprotocol.Distributionofthismemoisunlimited.CopyrightNoticeCopyrightCTheInternetSociety1999.AllRightsReserved.1.IntroductionThisdocumentdefinesanSMTPserviceextensionESMTPwherebyanSMTPclientmayindicateanauthenticationmechanismtotheserver,performanauthenticationprotocolexchange,andoptionallynegotiateasecuritylayerforsubsequentprotocolinteractions.ThisextensionisaprofileoftheSimpleAuthenticationandSecurityLayerSASL.2.ConventionsUsedinthisDocumentInexamples,CandSindicatelinessentbytheclientandserverrespectively.ThekeywordsMUST,MUSTNOT,SHOULD,SHOULDNOT,andMAYinthisdocumentaretobeinterpretedasdefinedinKeywordsforuseinRFCstoIndicateRequirementLevelsKEYWORDS.3.TheAuthenticationserviceextension1thenameoftheSMTPserviceextensionisAuthentication2theEHLOkeywordvalueassociatedwiththisextensionisAUTH3TheAUTHEHLOkeywordcontainsasaparameteraspaceseparatedlistofthenamesofsupportedSASLmechanisms.4anewSMTPverbAUTHisdefined5anoptionalparameterusingthekeywordAUTHisaddedtotheMAILFROMcommand,andextendsthemaximumlinelengthoftheMAILFROMcommandby500characters.6thisextensionisappropriateforthesubmissionprotocolSUBMIT.4.TheAUTHcommandAUTHmechanisminitialresponseArgumentsastringidentifyingaSASLauthenticationmechanism.anoptionalbase64encodedresponseRestrictionsAfteranAUTHcommandhassuccessfullycompleted,nomoreAUTHcommandsmaybeissuedinthesamesession.AfterasuccessfulAUTHcommandcompletes,aserverMUSTrejectanyfurtherAUTHcommandswitha503reply.TheAUTHcommandisnotpermittedduringamailtransaction.DiscussionTheAUTHcommandindicatesanauthenticationmechanismtotheserver.Iftheserversupportstherequestedauthenticationmechanism,itperformsanauthenticationprotocolexchangetoauthenticateandidentifytheuser.Optionally,italsonegotiatesasecuritylayerforsubsequentprotocolinteractions.Iftherequestedauthenticationmechanismisnotsupported,theserverrejectstheAUTHcommandwitha504reply.Theauthenticationprotocolexchangeconsistsofaseriesofserverchallengesandclientanswersthatarespecifictotheauthenticationmechanism.Aserverchallenge,otherwiseknownasareadyresponse,isa334replywiththetextpartcontainingaBASE64encodedstring.TheclientanswerconsistsofalinecontainingaBASE64encodedstring.Iftheclientwishestocancelanauthenticationexchange,itissuesalinewithasingle.Iftheserverreceivessuchananswer,itMUSTrejecttheAUTHcommandbysendinga501reply.TheoptionalinitialresponseargumenttotheAUTHcommandisusedtosavearoundtripwhenusingauthenticationmechanismsthataredefinedtosendnodataintheinitialchallenge.Whentheinitialresponseargumentisusedwithsuchamechanism,theinitialemptychallengeisnotsenttotheclientandtheserverusesthedataintheinitialresponseargumentasifitweresentinresponsetotheemptychallenge.Unlikeazerolengthclientanswertoa334reply,azerolengthinitialresponseissentasasingleequalssign.IftheclientusesaninitialresponseargumenttotheAUTHcommandwithamechanismthatsendsdataintheinitialchallenge,theserverrejectstheAUTHcommandwitha535reply.IftheservercannotBASE64decodetheargument,itrejectstheAUTHcommandwitha501reply.Iftheserverrejectstheauthenticationdata,itSHOULDrejecttheAUTHcommandwitha535replyunlessamorespecificerrorcode,suchasonelistedinsection6,isappropriate.Shouldtheclientsuccessfullycompletetheauthenticationexchange,theSMTPserverissuesa235reply.TheservicenamespecifiedbythisprotocolsprofileofSASLissmtp.IfasecuritylayerisnegotiatedthroughtheSASLauthenticationexchange,ittakeseffectimmediatelyfollowingtheCRLFthatconcludestheauthenticationexchangefortheclient,andtheCRLFofthesuccessreplyfortheserver.Uponasecuritylayerstakingeffect,theSMTPprotocolisresettotheinitialstatethestateinSMTPafteraserverissuesa220servicereadygreeting.TheserverMUSTdiscardanyknowledgeobtainedfromtheclient,suchastheargumenttotheEHLOcommand,whichwasnotobtainedfromtheSASLnegotiationitself.TheclientMUSTdiscardanyknowledgeobtainedfromtheserver,suchasthelistofSMTPserviceextensions,whichwasnotobtainedfromtheSASLnegotiationitselfwiththeexceptionthataclientMAYcomparethelistofadvertisedSASLmechanismsbeforeandafterauthenticationinordertodetectanactivedownnegotiationattack.TheclientSHOULDsendanEHLOcommandasthefirstcommandafterasuccessfulSASLnegotiationwhichresultsintheenablingofasecuritylayer.Theserverisnotrequiredtosupportanyparticularauthenticationmechanism,norareauthenticationmechanismsrequiredtosupportanysecuritylayers.IfanAUTHcommandfails,theclientmaytryanotherauthenticationmechanismbyissuinganotherAUTHcommand.IfanAUTHcommandfails,theserverMUSTbehavethesameasiftheclienthadnotissuedtheAUTHcommand.TheBASE64stringmayingeneralbearbitrarilylong.ClientsandserversMUSTbeabletosupportchallengesandresponsesthatareaslongasaregeneratedbytheauthenticationmechanismstheysupport,independentofanylinelengthlimitationstheclientorservermayhaveinotherpartsofitsprotocolimplementation.ExamplesS220smtp.example.comESMTPserverreadyCEHLOjgm.example.comS250smtp.example.comS250AUTHCRAMMD5DIGESTMD5CAUTHFOOBARS504Unrecognizedauthenticationtype.CAUTHCRAMMD5S334PENCeUxFREJoU0NnbmhNWitOMjNGNndAZWx3b29kLmlubm9zb2Z0LmNvbT4CZnJlZCA5ZTk1YWVlMDljNDBhZjJiODRhMGMyYjNiYmFlNzg2ZQS235Authenticationsuccessful.5.TheAUTHparametertotheMAILFROMcommandAUTHaddrspecArgumentsAnaddrspeccontainingtheidentitywhichsubmittedthemessagetothedeliverysystem,orthetwocharactersequenceindicatingsuchanidentityisunknownorinsufficientlyauthenticated.TocomplywiththerestrictionsimposedonESMTPparameters,theaddrspecisencodedinsideanxtext.Thesyntaxofanxtextisdescribedinsection5ofESMTPDSN.DiscussionTheoptionalAUTHparametertotheMAILFROMcommandallowscooperatingagentsinatrustedenvironmenttocommunicatetheauthenticationofindividualmessages.Iftheservertruststheauthenticatedidentityoftheclienttoassertthatthemessagewasoriginallysubmittedbythesuppliedaddrspec,thentheserverSHOULDsupplythesameaddrspecinanAUTHparameterwhenrelayingthemessagetoany

注意事项

本文(外文翻译--SMTP服务扩展的认证机制.doc)为本站会员(英文资料库)主动上传,人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知人人文库网([email protected]),我们立即给予删除!

温馨提示:如果因为网速或其他原因下载失败请重新下载,重复下载不扣分。

copyright@ 2015-2017 人人文库网网站版权所有
苏ICP备12009002号-5