[Search] [txt|pdf|bibtex] [Tracker] [WG] [Email] [Nits]

Versions: 00 01                                                         
Service Location Working Group                            Leland Wallace
INTERNET DRAFT                                            Apple Computer
Expires in six months                                     30 March 1998


          Definition of afp:  URLs for use with Service Location
                   draft-ietf-svrloc-afp-service-00.txt


Status of This Memo

   This document is a submission by the Service Location Working Group
   of the Internet Engineering Task Force (IETF).  Comments should be
   submitted to the srvloc@corp.home.net mailing list.

   Distribution of this memo is unlimited.

   This document is an Internet-Draft.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at
   any time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as ``work in progress.''

   To view the entire list of current Internet-Drafts, please check
   the "1id-abstracts.txt" listing contained in the Internet-Drafts
   Shadow Directories on ftp.is.co.za (Africa), ftp.nordu.net
   (Northern Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au
   (Pacific Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu
   (US West Coast).


Abstract

   This document defines the service:file-sharing:afp scheme and
   attributes associated with it.  This template is designed to be used
   in conjuction with the Service Location Protocol [1], but may be
   used with any directory service supporting attribute/value pair
   registration.













Wallace                  Expires 30 October 1998                  Page 1
Internet Draft           AFP service URL Scheme               March 1998



1. AFP service URL Scheme

    The template described in this document is for file sharing services
    using the AFP (Apple Filing Protocol) protocol [4]. The AFP protocol
    can use either AppleTalk or TCP/IP as its network protocol.

    The abstract service type for this service is file-sharing:afp.
    Other file-sharing services, such as NFS, NCP, or SMB, could be
    added to an overall file-sharing service template.

2.  Authorization mechanisms
    AFP supports an extensible authorization mechanism with
    plug-in User Authentication Mechanisms (UAM) for the client
    and server. UAM types are denoted by a string.

        Current UAM names for AFP are:
            "X-No User Authent" - This is "Guest" login.
            "X-Cleartxt passwrd"
            "X-Randnum exchange"
            "X-2-Way Randnum exchange"


    The prepended X- will be removed when the UAM names are
    standardized. If clients accept a given UAM they SHOULD also accept
    the UAM name with a prepended 'X-'.

    The string ";AUTH=*" indicates that the client SHOULD select an
    appropriate authentication mechanism.  It MAY use any mechanism
    supported in common between the server and client.

    If no user name or authentication mechanism is supplied, then the
    "X-No User Authent" mechanism is used.  If the URL supplies just a
    user name, the client SHOULD use the most secure UAM supported
    in common between the server and client. For the current Macintosh
    client that would be the "X-2-Way Randnum exchange" method with a
    password requested from the user.

    If the specified UAM is not supported by the server the client
    SHOULD return an error, however it MAY fall back to the most
    secure UAM supported in common between the server and client. Due
    to the problems in judging relative security it is safer to return a
    UAM_NOT_SUPPORTED error.








Wallace                  Expires 30 October 1998                  Page 2
Internet Draft           AFP service URL Scheme               March 1998



3. The "AFP" Abstract Service
  ---------------------------template begins here-----------------------
    type = file-sharing:afp

    version = 0.1

    language = en

    description =
        The 'file-share:afp' abstract service type describes the
        attributes
        supported by AppleShare File Servers conforming to the AFP
        (Apple Filing Protocol) protocol. The AFP protocol can use
        several different network protocols (see the url-syntax item
        below).

    url-syntax =
        url-path   = afptcpurl / afpaturl
        afptcpurl    = url as defined in "afp-tcpip" (below)
        afpaturl     = url as defined in "afp-appletalk" (below)

    servername = STRING
        # This attribute is a string that corresponds to the
        # Servername returned in the AFPGetServerInfo [5] call.

    description = STRING
        # This attribute is a free form string that can contain any
        # site-specific descriptive information about this server.
        # For example: "Engineering Support File Server"

    machine = STRING L
        # This attribute is a simple text string defined by the
        # manufacturer that contains some reference to the platform
        # and version of the server software.
        # For example:  "Macintosh ASIP v6.0 "

    location-description = STRING O
        # A free form description of this server's physical location
        # For example:  "2nd floor, near the fire escape"

    location-address = STRING O
        # Physical/Postal address for this device.  Useful for
        # nailing down a group of servers in a very large corporate
        # network.
        # For example:  960 Main Street, San Jose, CA 95130

    operator = STRING L M
        # A person, or persons responsible for administrating the
        # server on a day-to-day basis



Wallace                  Expires 30 October 1998                  Page 3
Internet Draft           AFP service URL Scheme               March 1998



    signature = Opaque L
        # a 16 octet value that uniquely denotes this server
        # the AppleShare IP server generates the signature
        # using a MD5 hash of the server serial number.

    protocol-version = STRING L M
        # versions of the AFP protocol supported by this server
        AFPVersion1.1, AFPVersion2.0, AFPVersion2.1, AFP2.2

    protocol-family = STRING L M O
        # A list of strings denoting network protocols supported by
        # this server
        AppleTalk, tcp-ip

    volumes = STRING L M O
        # names of volume served by this server, may pose a
        # security risk.
        # Drop Box, Public ...

    auth-methods = STRING L M
        # The list of authorization methods supported by this server
        #   "X-No User Authent" is "Guest" login.
        #   Current known auth-methods for AFP are:
        "X-No User Authent", "X-Cleartxt passwrd", "X-Randnum exchange",
        "X-2-Way Randnum exchange", "X-APOP", "X-SPEKE-1",
        "X-Microsoft V1.0", "X-NetWare password"



  ---------------------------template ends here-------------------------

    contact = "Leland Wallace" <randall@apple.com>

    security considerations = Including the volumes attribute in a
    registration may give an attacker valuable information to direct
    an attack. This information would otherwise be difficult to discover
    without authenticating to the server first.













Wallace                  Expires 30 October 1998                   Page 4
Internet Draft           AFP service URL Scheme               March 1998




4. The afp Service Templates

   The afp templates, as defined below, conform to the grammar described
   in ``Service Templates and service:  Schemes''.  Please refer to [2]
   for a detailed explanation of the syntax.

    The afp-appletalk template:

  ---------------------------template begins here-----------------------

        type = afp-appletalk

        version = 0.1

        language = en

        description =
            The "afp-appletalk" template describes the AFP protocol
            running over AppleTalk. The at-type of the afp server is
            "AFPServer". Nonterminals mentioned but not defined here
            are defined in [2]

        url-syntax =
            urlpath    = atsite
            atsite     = "/at/" [ user-auth "@" ] server [ "@" at-zone ]
            user-auth  = user [ ";AUTH=" auth-type ]
            auth-type  = *uchar
            server     = 1*31apple-char
            at-zone    = 1*31apple-char
            apple-char = alpha / digit / safe / escaped
                       = ; AppleAscii [3] values that are not
                       = ; from the restricted range must be escaped.
                       = ; NOTE: The escaped values do NOT correspond
                       = ; to UTF8 values here:  They are AppleAscii
                       = ; bytes.


  ---------------------------template ends here-------------------------

    contact="Leland Wallace" <randall@apple.com>
    security considerations =
        Same considerations as for the abstract type.






Wallace                  Expires 30 October 1998                 Page 5
Internet Draft           AFP service URL Scheme             March 1998




    The afp-tcpip template:
  ---------------------------template begins here-----------------------

        type = afp-tcpip

        version = 0.1

        language = en

        description =
            The "afp-tcpip" template describes the AFP protocol running
            over TCP/IP. The IANA assigned port for afp-tcpip is 548.
            Nonterminals mentioned but not defined here are defined
            in [2]

        url-syntax =
            urlpath     =   ipsite
            ipsite      =   "//"  [ user-auth "@" ] hostport
            user-auth   =   user [ ";AUTH=" auth-type ]
            auth-type   =   *uchar


  ---------------------------template ends here-------------------------

    contact="Leland Wallace" <randall@apple.com>
    security considerations =
    Same considerations as for the abstract type.


References:

    [1] J. Veizades, E. Guttman, C. Perkins, and S. Kaplan.  Service
        Location Protocol.  RFC 2165, July 1997.

    [2] C. Perkins, E. Guttman, J. Kempf, ``Service Templates and
        service: Schemes'', Work in Progress, March, 1998
        draft-ietf-svrloc-service-scheme-09.txt

    [3] Apple Computer.  Inside Macintosh:  Text  Addison Wesley, 1993
http://devworld.apple.com/dev/techsupport/insidemac/Text/Text-2.html

    [4] G. Sidhu, R .Andrews, A. Oppenheimer  Inside AppleTalk,
        Second Edition  Addison Wesley, 1990    ISBN 0-201-55021-0
http://www.apple.com/macos/opentransport/docs/Inside_AppleTalk.pdf




Wallace                  Expires 30 October 1998                 Page 6
Internet Draft           AFP service URL Scheme             March 1998




Authors Address

   Questions about this memo can be directed to:

Leland Wallace
Apple Computer
1 Infinite Loop
Mail Stop 35-M
Cupertino, CA 95014
USA
1 408 974 7623
randall@apple.com





































Wallace                  Expires 30 October 1998                Page 7