Service Location Working Group                            Leland Wallace
INTERNET DRAFT                                            Apple Computer
Expires in six months                                     30 March 1998


          Definition of afp:  URLs for use with Service Location
                   draft-ietf-svrloc-afp-service-00.txt


Status of This Memo

   This document is a submission by the Service Location Working Group
   of the Internet Engineering Task Force (IETF).  Comments should be
   submitted to the srvloc@corp.home.net mailing list.

   Distribution of this memo is unlimited.

   This document is an Internet-Draft.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at
   any time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as ``work in progress.''

   To view the entire list of current Internet-Drafts, please check
   the "1id-abstracts.txt" listing contained in the Internet-Drafts
   Shadow Directories on ftp.is.co.za (Africa), ftp.nordu.net
   (Northern Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au
   (Pacific Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu
   (US West Coast).


Abstract

   This document defines the service:file-sharing:afp scheme and
   attributes associated with it.  This template is designed to be used
   in conjunction with the Service Location Protocol [1], but may be
   used with any directory service supporting attribute/value pair
   registration.













Wallace                  Expires 30 October 1998                  Page 1
Internet Draft           AFP service URL Scheme               March 1998



1. AFP service URL Scheme

    The template described in this document is for file sharing services
    using the AFP (Apple Filing Protocol) protocol [4]. The AFP protocol
    can use either AppleTalk or TCP/IP as its network protocol.

    The abstract service type for this service is file-sharing:afp.
    Other file-sharing services, such as NFS, NCP, or SMB, could be
    added to an overall file-sharing service template.

2.  Authorization mechanisms

    AFP supports an extensible authorization mechanism with
    plug-in User Authentication Mechanisms (UAM) for the client
    and server. UAM types are denoted by a string.

        Current UAM names for AFP are:
            "X-No User Authent" - This is "Guest" login.
            "X-Cleartxt passwrd"
            "X-Randnum exchange"
            "X-2-Way Randnum exchange"


    The prepended X- will be removed when the UAM names are
    standardized. If clients accept a given UAM they SHOULD also accept
    the UAM name with a prepended 'X-'.

    The string ";AUTH=*" indicates that the client SHOULD select an
    appropriate authentication mechanism.  It MAY use any mechanism
    supported in common between the server and client.

    If no user name or authentication mechanism is supplied, then the
    "X-No User Authent" mechanism is used.  If the URL supplies just a
    user name, the client SHOULD use the most secure UAM supported
    in common between the server and client. For the current Macintosh
    client that would be the "X-2-Way Randnum exchange" method with a
    password requested from the user.

    If the specified UAM is not supported by the server, the client
    SHOULD return an error; however, it MAY fall back to the most
    secure UAM supported in common between the server and client.  Due
    to the problems in judging relative security, it is safer to return
    a UAM_NOT_SUPPORTED error.









3. The "AFP" Abstract Service
  ---------------------------template begins here-----------------------
    type = file-sharing:afp

    version = 0.1

    language = en

    description =
        The 'file-sharing:afp' abstract service type describes the
        attributes supported by AppleShare File Servers conforming to
        the AFP (Apple Filing Protocol) protocol. The AFP protocol can
        use several different network protocols (see the url-syntax
        item below).

    url-syntax =
        url-path   = afptcpurl / afpaturl
        afptcpurl    = url as defined in "afp-tcpip" (below)
        afpaturl     = url as defined in "afp-appletalk" (below)

    servername = STRING
        # This attribute is a string that corresponds to the
        # Servername returned in the AFPGetServerInfo [5] call.

    description = STRING
        # This attribute is a free form string that can contain any
        # site-specific descriptive information about this server.
        # For example: "Engineering Support File Server"

    machine = STRING L
        # This attribute is a simple text string defined by the
        # manufacturer that contains some reference to the platform
        # and version of the server software.
        # For example:  "Macintosh ASIP v6.0 "

    location-description = STRING O
        # A free form description of this server's physical location
        # For example:  "2nd floor, near the fire escape"

    location-address = STRING O
        # Physical/Postal address for this device.  Useful for
        # nailing down a group of servers in a very large corporate
        # network.
        # For example:  960 Main Street, San Jose, CA 95130

    operator = STRING L M
        # A person or persons responsible for administering the
        # server on a day-to-day basis.




    signature = Opaque L
        # A 16-octet value that uniquely denotes this server.
        # The AppleShare IP server generates the signature
        # using an MD5 hash of the server serial number.

    protocol-version = STRING L M
        # versions of the AFP protocol supported by this server
        AFPVersion1.1, AFPVersion2.0, AFPVersion2.1, AFP2.2

    protocol-family = STRING L M O
        # A list of strings denoting network protocols supported by
        # this server
        AppleTalk, tcp-ip

    volumes = STRING L M O
        # Names of volumes served by this server.  May pose a
        # security risk.
        # Drop Box, Public ...

    auth-methods = STRING L M
        # The list of authorization methods supported by this server
        #   "X-No User Authent" is "Guest" login.
        #   Current known auth-methods for AFP are:
        "X-No User Authent", "X-Cleartxt passwrd", "X-Randnum exchange",
        "X-2-Way Randnum exchange", "X-APOP", "X-SPEKE-1",
        "X-Microsoft V1.0", "X-NetWare password"



  ---------------------------template ends here-------------------------

    contact = "Leland Wallace" <randall@apple.com>

    security considerations = Including the volumes attribute in a
    registration may give an attacker valuable information to direct
    an attack. This information would otherwise be difficult to discover
    without authenticating to the server first.














4. The afp Service Templates

   The afp templates, as defined below, conform to the grammar described
   in ``Service Templates and service:  Schemes''.  Please refer to [2]
   for a detailed explanation of the syntax.

    The afp-appletalk template:

  ---------------------------template begins here-----------------------

        type = afp-appletalk

        version = 0.1

        language = en

        description =
            The "afp-appletalk" template describes the AFP protocol
            running over AppleTalk. The at-type of the afp server is
            "AFPServer". Nonterminals mentioned but not defined here
            are defined in [2].

        url-syntax =
            urlpath    = atsite
            atsite     = "/at/" [ user-auth "@" ] server [ "@" at-zone ]
            user-auth  = user [ ";AUTH=" auth-type ]
            auth-type  = *uchar
            server     = 1*31apple-char
            at-zone    = 1*31apple-char
            apple-char = alpha / digit / safe / escaped
                       ; AppleAscii [3] values that are not
                       ; from the restricted range must be escaped.
                       ; NOTE: The escaped values do NOT correspond
                       ; to UTF8 values here:  They are AppleAscii
                       ; bytes.


  ---------------------------template ends here-------------------------

    contact = "Leland Wallace" <randall@apple.com>

    security considerations =
        Same considerations as for the abstract type.







    The afp-tcpip template:
  ---------------------------template begins here-----------------------

        type = afp-tcpip

        version = 0.1

        language = en

        description =
            The "afp-tcpip" template describes the AFP protocol running
            over TCP/IP. The IANA assigned port for afp-tcpip is 548.
            Nonterminals mentioned but not defined here are defined
            in [2].

        url-syntax =
            urlpath     =   ipsite
            ipsite      =   "//"  [ user-auth "@" ] hostport
            user-auth   =   user [ ";AUTH=" auth-type ]
            auth-type   =   *uchar


  ---------------------------template ends here-------------------------

    contact = "Leland Wallace" <randall@apple.com>

    security considerations =
        Same considerations as for the abstract type.
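
    The following Python code is an added example, not part of the
    draft.  It parses the afp-tcpip urlpath defined above and applies
    the UAM selection rules of section 2, returning an error rather
    than falling back when the requested UAM is not offered.  The
    function names, the UAMNotSupported exception and the strength
    ordering of the UAMs are assumptions of this example.

```python
import re
from urllib.parse import unquote

# Assumed strength order (weakest first) for the four UAMs of section 2. The
# draft only says "2-Way Randnum exchange" is the most secure for the Macintosh
# client; the order of the others is this example's assumption.
RANKING = ["No User Authent", "Cleartxt passwrd", "Randnum exchange",
           "2-Way Randnum exchange"]

class UAMNotSupported(Exception):
    """Stands in for the draft's UAM_NOT_SUPPORTED error."""

def canon(name):
    # Section 2: a UAM name is also accepted with 'X-' prepended.
    return name[2:] if name.startswith("X-") else name

# ipsite = "//" [ user-auth "@" ] hostport ; user-auth = user [ ";AUTH=" auth-type ]
IPSITE = re.compile(r"^//(?:(?P<user>[^@/]*?)(?:;AUTH=(?P<auth>[^@/]*))?@)?"
                    r"(?P<host>[^:/@]+)(?::(?P<port>\d+))?$")

def parse_ipsite(urlpath):
    """Split an afp-tcpip urlpath into (user, auth, host, port)."""
    m = IPSITE.match(urlpath)
    if not m:
        raise ValueError("not an afp-tcpip urlpath: %r" % urlpath)
    user = unquote(m["user"]) if m["user"] else None
    auth = unquote(m["auth"]) if m["auth"] is not None else None
    return user, auth, m["host"], int(m["port"] or 548)  # 548: IANA port

def select_uam(user, auth, server_uams, client_uams=RANKING):
    """Apply the section 2 rules; returns the UAM name without 'X-'."""
    common = {canon(u) for u in server_uams} & {canon(u) for u in client_uams}
    if auth is None and user is None:
        wanted = "No User Authent"            # no user, no AUTH: guest login
    elif auth is None or auth == "*":
        ranked = [u for u in RANKING if u in common]
        if not ranked:
            raise UAMNotSupported("no UAM in common")
        return ranked[-1]                     # most secure in common
    else:
        wanted = canon(auth)
    if wanted not in common:
        # The draft allows a fallback but calls the error the safer choice.
        raise UAMNotSupported(wanted)
    return wanted
```

    Feeding select_uam() the auth-methods list from a server's
    registration shows which mechanism a given URL would negotiate
    before any connection is made.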


References:

    [1] J. Veizades, E. Guttman, C. Perkins, and S. Kaplan.  Service
        Location Protocol.  RFC 2165, July 1997.

    [2] C. Perkins, E. Guttman, J. Kempf, ``Service Templates and
        service: Schemes'', Work in Progress, March, 1998
        draft-ietf-svrloc-service-scheme-09.txt

    [3] Apple Computer.  Inside Macintosh:  Text.  Addison Wesley, 1993.
        http://devworld.apple.com/dev/techsupport/insidemac/Text/Text-2.html

    [4] G. Sidhu, R. Andrews, A. Oppenheimer.  Inside AppleTalk,
        Second Edition.  Addison Wesley, 1990.  ISBN 0-201-55021-0.
        http://www.apple.com/macos/opentransport/docs/Inside_AppleTalk.pdf





Author's Address

   Questions about this memo can be directed to:

Leland Wallace
Apple Computer
1 Infinite Loop
Mail Stop 35-M
Cupertino, CA 95014
USA
1 408 974 7623
randall@apple.com




































