As per Relevance of the word mechanism, we have this rfc below:
Network Working Group J.
Request for Comments: 1734 Carnegie
Category: Standards Track December 1994
POP3 AUTHentication
Status of this
This document specifies an Internet standards track protocol for
Internet community, and requests discussion and suggestions
improvements. Please refer to the current edition of the "
Official Protocol Standards" (STD 1) for the standardization
and status of this protocol. Distribution of this memo is unlimited
1.
This document describes the optional AUTH command, for indicating
authentication mechanism to the server, performing an
protocol exchange, and optionally negotiating a protection
for subsequent protocol interactions. The authentication
protection mechanisms used by the POP3 AUTH command are those used
IMAP4.
2. The AUTH
AUTH
Arguments
a string identifying an IMAP4 authentication mechanism
such as defined by [IMAP4-AUTH]. Any use of the
"imap" used in a server authentication identity in
definition of an authentication mechanism is replaced
the string "pop".
Restrictions
may only be given in the AUTHORIZATION
Discussion
The AUTH command indicates an authentication mechanism
the server. If the server supports the
authentication mechanism, it performs an
protocol exchange to authenticate and identify the user
Optionally, it also negotiates a protection mechanism
subsequent protocol interactions. If the
authentication mechanism is not supported, the
Myers [Page 1]
RFC 1734 POP3 AUTH December 1994
should reject the AUTH command by sending a
response
The authentication protocol exchange consists of a
of server challenges and client answers that are
to the authentication mechanism. A server challenge
otherwise known as a ready response, is a line
of a "+" character followed by a single space and a BASE64
encoded string. The client answer consists of a
containing a BASE64 encoded string. If the client
to cancel an authentication exchange, it should issue
line with a single "*". If the server receives such
answer, it must reject the AUTH command by sending
negative response
A protection mechanism provides integrity and
protection to the protocol session. If a
mechanism is negotiated, it is applied to all
data sent over the connection. The protection
takes effect immediately following the CRLF that
the authentication exchange for the client, and the CRLF
the positive response for the server. Once the
mechanism is in effect, the stream of command and
octets is processed into buffers of ciphertext.
buffer is transferred over the connection as a stream
octets prepended with a four octet field in network
order that represents the length of the following data
The maximum ciphertext buffer length is defined by
protection mechanism
The server is not required to support any
authentication mechanism, nor are authentication
required to support any protection mechanisms. If an
command fails with a negative response, the session
in the AUTHORIZATION state and client may try
authentication mechanism by issuing another AUTH command
or may attempt to authenticate by using the USER/PASS
APOP commands. In other words, the client may
authentication types in decreasing order of preference
with the USER/PASS or APOP command as a last resort
Should the client successfully complete the
exchange, the POP3 server issues a positive response
the POP3 session enters the TRANSACTION state
Possible Responses
+OK maildrop locked and
-ERR authentication exchange
Myers [Page 2]
RFC 1734 POP3 AUTH December 1994
Examples
S: +OK POP3 server
C: AUTH KERBEROS_V
S: + AmFYig==
C: BAcAQU5EUkVXLkNNVS5FRFUAOCAsho84kLN3/IJmrMG+25a4
+nZImJjnTNHJUtxAA+o0KPKfHEcAFs9a3CL5Oebe/
WwuQ1MWiy6IesKvjL5rL9WjXUb9MwT9bpObYLGOKi1
S: + or//EoAADZI
C: DiAF5A4gA+oOIALuBkAAmw==
S: +OK Kerberos V4 authentication
...
C: AUTH
S: -ERR Unrecognized authentication
Note: the line breaks in the first client answer
for editorial clarity and are not in real authentica
tors
Myers [Page 3]
RFC 1734 POP3 AUTH December 1994
3. Formal
The following syntax specification uses the augmented Backus-
Form (BNF) notation as specified in RFC 822.
Except as noted otherwise, all alphabetic characters are case
insensitive. The use of upper or lower case characters to
token strings is for editorial clarity only. Implementations
accept these strings in a case-insensitive fashion
ATOM_CHAR ::=
atom_specials ::= "(" / ")" / "{" / SPACE / CTLs / "%" / "*" /
<"> / "\"
auth ::= "AUTH" 1*(SPACE / TAB) auth_type *(CRLF base64)
auth_type ::= 1*ATOM_
base64 ::= *(4base64_CHAR) [base64_terminal
base64_char ::= "A" / "B" / "C" / "D" / "E" / "F" / "G" / "H" /
"I" / "J" / "K" / "L" / "M" / "N" / "O" / "P" /
"Q" / "R" / "S" / "T" / "U" / "V" / "W" / "X" /
"Y" / "Z" /
"a" / "b" / "c" / "d" / "e" / "f" / "g" / "h" /
"i" / "j" / "k" / "l" / "m" / "n" / "o" / "p" /
"q" / "r" / "s" / "t" / "u" / "v" / "w" / "x" /
"y" / "z" /
"0" / "1" / "2" / "3" / "4" / "5" / "6" / "7" /
"8" / "9" / "+" / "/"
;; Case-
base64_terminal ::= (2base64_char "==") / (3base64_char "=")
CHAR ::= character except NUL
0x01 - 0x7f
continue_req ::= "+" SPACE base64
CR ::=
CRLF ::= CR
CTL ::= character and DEL
0x00 - 0x1f, 0x7f
Myers [Page 4]
RFC 1734 POP3 AUTH December 1994
LF ::=
SPACE ::=
TAB ::=
4.
[IMAP4-AUTH] Myers, J., "IMAP4 Authentication Mechanisms", RFC 1731,
Carnegie Mellon, December 1994.
5. Security
Security issues are discussed throughout this memo
6. Author's
John G.
Carnegie-Mellon
5000 Forbes
Pittsburgh, PA 15213
EMail: jgm+@cmu.
Myers [Page 5]
if you see any problems within the linking, don't worry be happy,
this is version 0.1 of the Relevance System and you gotta expect some crappy subroutines sometimes,
just be content we did not write this in Java, which would have made this "bigger and better" HAHAHHA.
RFC documents can be found at I.E.T.F.
Relevance System Copyright © 2002 Spectrum WorldResearch
other technical nosh by ServerMasters Corporation
collaboration of BobX
