Service Location Working Group                        Leland Wallace
Category: INTERNET DRAFT                              Apple Computer
Expires April 1999
October 30 1998
          Definition of afp: URLs for use with Service Location
                   draft-ietf-svrloc-afp-service-01.txt

Status of this Memo

   This document is a submission by the Service Location Working Group
   of the Internet Engineering Task Force (IETF).  Comments should be
   submitted to the srvloc@srvloc.org mailing list.

   Distribution of this memo is unlimited.

   This document is an Internet-Draft.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other
   documents at any time.  It is inappropriate to use Internet-Drafts
   as reference material or to cite them other than as
   ``work in progress.''

   To view the entire list of current Internet-Drafts, please check
   the "1id-abstracts.txt" listing contained in the Internet-Drafts
   Shadow Directories on ftp.is.co.za (Africa), ftp.nordu.net
   (Northern Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au
   (Pacific Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu
   (US West Coast).

Abstract

   This document defines the service:file-sharing:afp scheme and
   attributes associated with it. This template is designed to be used
   in conjunction with the Service Location Protocol [1], but may be
   used with any directory service supporting attribute/value pair
   registration.

Wallace               Expires April 30, 1999             [Page 1]


INTERNET-DRAFT afp URLs for use with Service Location October 30, 1998

Table of Contents

          Status of this Memo
          Abstract
          Table of Contents
   1.     AFP service URL Scheme
   1.1.   Authorization mechanisms
   2.     The "AFP" Abstract Service
   2.1.   The afp Service Templates
   2.1.1. The afp-appletalk template
   2.1.2. The afp-tcpip template
   3.     References:
   4.     Author's Address

1. AFP service URL Scheme

   The template described in this document is for file sharing
   services using AFP (Apple Filing Protocol) [4].
   AFP can use either AppleTalk or TCP/IP as its
   network protocol.

   The abstract service type for this service is file-sharing:afp.
   Other file-sharing services, such as NFS, NCP, or SMB, could be
   added to an overall file-sharing service template.

1.1. Authorization mechanisms

   AFP supports an extensible authorization mechanism with
   plug-in User Authentication Mechanisms (UAM) for the client
   and server. UAM types are denoted by a string.

   Current UAM names for AFP are:

                   "X-No User Authent" - This is "Guest" login.
                   "X-Cleartxt passwrd"
                   "X-Randnum exchange"
                   "X-2-Way Randnum exchange"

   The prepended X- will be removed when the UAM names are
   standardized. If clients accept a given UAM they SHOULD also accept
   the UAM name with a prepended 'X-'.

   The string ";AUTH=*" indicates that the client SHOULD select an
   appropriate authentication mechanism.  It MAY use any mechanism
   supported in common between the server and client.

   If no user name or authentication mechanism is supplied, then the
   "X-No User Authent" mechanism is used.  If the URL supplies just a
   user name, the client SHOULD use the most secure UAM supported
   in common between the server and client. For the current Macintosh
   client that would be the "X-2-Way Randnum exchange" method with a
   password requested from the user.

   If the specified UAM is not supported by the server, the client
   SHOULD return an error; however, it MAY fall back to the most
   secure UAM supported in common between the server and client.
   Because relative security is difficult to judge, it is safer to
   return a UAM_NOT_SUPPORTED error.

2. The "AFP" Abstract Service

  Name of submitter: "Leland Wallace" <randall@apple.com>
  Language of service template: en
  Security Considerations:
    Including the volumes attribute in a registration may give an
    attacker valuable information to direct an attack. This
    information would otherwise be difficult to discover
    without authenticating to the server first.
  Template Text:
  --------------------------template begins here-----------------------
    type = file-sharing:afp
    version=0.1
    language=en
    description=
        The 'file-sharing:afp' abstract service type describes the
        attributes supported by AppleShare File Servers conforming to
        AFP (Apple Filing Protocol). AFP can use several different
        network protocols (see the url-syntax item below).
    url-syntax=
        url-path   = afptcpurl / afpaturl
        afptcpurl    = url as defined in "afp-tcpip" (below)
        afpaturl     = url as defined in "afp-appletalk" (below)
    servername=STRING
        # This attribute is a string that corresponds to the
        # Servername returned in the AFPGetServerInfo [5] call.
    description=STRING
        # This attribute is a free form string that can contain any
        # site-specific descriptive information about this server.
        # For example: "Engineering Support File Server"
    machine=STRING L
        # This attribute is a simple text string defined by the
        # manufacturer that contains some reference to the platform
        # and version of the server software.
        # For example:  "Macintosh ASIP v6.0 "
    location-description=STRING O
        # A free form description of this server's physical location
        # For example:  "2nd floor, near the fire escape"
    location-address=STRING O
        # Physical/Postal address for this device.  Useful for
        # nailing down a group of servers in a very large corporate
        # network.
        # For example:  960 Main Street, San Jose, CA 95130
    operator=STRING L M
        # A person or persons responsible for administering the
        # server on a day-to-day basis.
    signature=Opaque L
        # A 16-octet value that uniquely denotes this server.
        # The AppleShare IP server generates the signature
        # using an MD5 hash of the server serial number.
    protocol-version=STRING L M
        # versions of the AFP protocol supported by this server
        AFPVersion1.1, AFPVersion2.0, AFPVersion2.1, AFP2.2
    protocol-family=STRING L M O
        # A list of strings denoting network protocols supported by
        # this server
        AppleTalk, tcp-ip
    volumes=STRING L M O
        # Names of the volumes served by this server; may pose a
        # security risk.
        # Drop Box, Public ...
    auth-methods=STRING L M
        # The list of authorization methods supported by this server
        #   "X-No User Authent" is "Guest" login.
        #   Current known auth-methods for AFP are:
        "X-No User Authent", "X-Cleartxt passwrd",
        "X-Randnum exchange", "X-2-Way Randnum exchange",
        "X-APOP", "X-SPEKE-1", "X-Microsoft V1.0",
        "X-NetWare password"
  --------------------------template ends here-----------------------

2.1. The afp Service Templates

   The afp templates, as defined below, conform to the grammar
   described in ``Service Templates and service: Schemes''.
   Please refer to [2] for a detailed explanation of the syntax.

2.1.1. The afp-appletalk template

  Name of submitter: "Leland Wallace" <randall@apple.com>
  Language of service template: en
  Security Considerations:
      Same considerations as for the abstract type.
  Template Text:
  --------------------------template begins here---------------------
        type=afp-appletalk
        version=0.2
        language=en
        description=
           The "afp-appletalk" template describes the AFP protocol
           running over AppleTalk. The at-type of the afp server is
           "AFPServer". Nonterminals mentioned but not defined here
           are defined in [2]
        url-syntax=
           urlpath    = atsite
           atsite     = "/at/" [ user-auth "@" ] server [ ":" at-zone ]
           user-auth  = user [ ";AUTH=" auth-type ]
           auth-type  = *uchar
           server     = 1*31apple-char
           at-zone    = 1*31apple-char
           apple-char = alpha / digit / safe / escaped
                      = ; AppleAscii [3] values that are not
                      = ; from the restricted range must be escaped.
                      = ; NOTE: The escaped values do NOT correspond
                      = ; to UTF8 values here:  They are AppleAscii
                      = ; bytes.
  ---------------------------template ends here-----------------------

2.1.2. The afp-tcpip template

  Name of submitter: "Leland Wallace" <randall@apple.com>
  Language of service template: en
  Security Considerations:
      Same considerations as for the abstract type.
  Template Text:
  ---------------------------template begins here---------------------
        type=afp-tcpip
        version=0.1
        language=en
        description=
            The "afp-tcpip" template describes the AFP protocol running
            over TCP/IP. The IANA assigned port for afp-tcpip is 548.
            Nonterminals mentioned but not defined here are defined
            in [2]
        url-syntax=
            urlpath     =   ipsite
            ipsite      =   "//"  [ user-auth "@" ] hostport
            user-auth   =   user [ ";AUTH=" auth-type ]
            auth-type   =   *uchar

  ---------------------------template ends here-----------------------
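
   The UAM selection rules of section 1.1, applied to the user-auth
   part of the afp-tcpip url-syntax above, as an added example (not
   part of this draft and not Apple's client code). The ranking below
   its top entry, the UAMNotSupported exception, the function names and
   the sample server list are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

GUEST = "No User Authent"
# Assumed client ranking, most secure first. The draft names only the top
# entry (for the Macintosh client); the rest of the order is an assumption.
CLIENT_RANK = ["2-Way Randnum exchange", "Randnum exchange", "Cleartxt passwrd"]

class UAMNotSupported(Exception):
    """Stands in for the draft's UAM_NOT_SUPPORTED error."""

def canon(name):
    # A client that accepts a UAM SHOULD also accept it with a prepended "X-".
    return name[2:] if name.startswith("X-") else name

def parse_ipsite(ipsite):
    """ipsite = "//" [ user-auth "@" ] hostport -> (user, auth_type, hostport)"""
    m = re.fullmatch(r"//(?:([^@/]*)@)?([^@/]+)", ipsite)
    if not m:
        raise ValueError("not an ipsite: %r" % ipsite)
    userinfo, hostport = m.groups()
    if userinfo is None:
        return None, None, hostport
    pat = r"(.*?)(?:;AUTH=(.*))?"           # user [ ";AUTH=" auth-type ]
    user, auth = re.fullmatch(pat, userinfo, re.I | re.S).groups()
    auth = unquote(auth) if auth is not None else None
    return unquote(user) or None, auth, hostport

def select_uam(user, auth, server_uams):
    """Apply the section 1.1 rules; returns the UAM name without "X-"."""
    offered = {canon(u) for u in server_uams}
    common = [u for u in CLIENT_RANK if u in offered]
    if user is None and auth is None:
        wanted = GUEST                      # nothing supplied: guest login
    elif auth is None or auth == "*":
        if not common:                      # user only, or ";AUTH=*"
            raise UAMNotSupported("no UAM in common with server")
        return common[0]
    else:
        wanted = canon(auth)                # explicit UAM: never substitute
    if wanted not in offered or wanted not in CLIENT_RANK + [GUEST]:
        raise UAMNotSupported(wanted)
    return wanted

def choose(ipsite, server_uams):
    user, auth, _ = parse_ipsite(ipsite)
    return select_uam(user, auth, server_uams)

# Constructed sample: auth-methods a server might register.
SERVER = ["X-No User Authent", "X-Cleartxt passwrd", "X-Randnum exchange"]
```

   An explicitly requested UAM that the server does not list raises
   UAMNotSupported instead of falling back, which is the behaviour
   section 1.1 calls safer.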

3. References:

    [1] J. Veizades, E. Guttman, C. Perkins, and S. Kaplan.  Service
        Location Protocol.  RFC 2165, July 1997.
    [2] C. Perkins, E. Guttman, J. Kempf.  ``Service Templates and
        service: Schemes'', Work in Progress, October 1998.
        draft-ietf-svrloc-service-scheme-11.txt
    [3] Apple Computer.  Inside Macintosh: Text.  Addison Wesley, 1993.
        http://devworld.apple.com/dev/techsupport/insidemac/Text/Text-2.html
    [4] G. Sidhu, R. Andrews, A. Oppenheimer.  Inside AppleTalk,
        Second Edition.  Addison Wesley, 1990.  ISBN 0-201-55021-0
        http://www.apple.com/macos/opentransport/docs/Inside_AppleTalk.pdf

4. Author's Address

   Questions about this memo can be directed to:
    Leland Wallace
    Apple Computer
    1 Infinite Loop
    Mail Stop 35-M
    Cupertino, CA 95014, USA
