This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author jelie
Recipients eric.araujo, jelie, pitrou, r.david.murray
Date 2010-11-12.23:34:29
SpamBayes Score 0.00041616455
Marked as misclassified No
Message-id <1289604872.15.0.357130822508.issue10284@psf.upfronthosting.co.za>
In-reply-to
Content 
RFC 4616 about SASL PLAIN:

   The mechanism consists of a single message, a string of [UTF-8]
   encoded [Unicode] characters, from the client to the server.  The
   client presents the authorization identity (identity to act as),
   followed by a NUL (U+0000) character, followed by the authentication
   identity (identity whose password will be used), followed by a NUL
   (U+0000) character, followed by the clear-text password.  As with
   other SASL mechanisms, the client does not provide an authorization
   identity when it wishes the server to derive an identity from the
   credentials and use that as the authorization identity.
[...]
   The authorization identity (authzid), authentication identity
   (authcid), password (passwd), and NUL character deliminators SHALL be
   transferred as [UTF-8] encoded strings of [Unicode] characters.


That's one of the reasons why AUTHINFO SASL is better than AUTHINFO USER.  It also allows whitespaces (a few news servers do not parse well whitespaces in user names or passwords after AUTHINFO USER/PASS -- imagine " test" with a leading space).  Solved with SASL.
History
Date User Action Args
2010-11-12 23:34:32jeliesetrecipients: + jelie, pitrou, eric.araujo, r.david.murray
2010-11-12 23:34:32jeliesetmessageid: <1289604872.15.0.357130822508.issue10284@psf.upfronthosting.co.za>
2010-11-12 23:34:29jelielinkissue10284 messages
2010-11-12 23:34:29jeliecreate