The SYS and AUTH POP Response Codes
RFC 3206

Document Type RFC - Proposed Standard (February 2002; No errata)
Was draft-gellens-pop-err (individual)
Last updated 2013-03-02
Stream Legacy
Formats plain text pdf html
Stream Legacy state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 3206 (Proposed Standard)
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                         R. Gellens
Request for Comments: 3206                                      QUALCOMM
Category: Standards Track                                  February 2002

                  The SYS and AUTH POP Response Codes

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2002).  All Rights Reserved.

Abstract

   This memo proposes two response codes: SYS and AUTH, which enable
   clients to unambiguously determine an optimal response to an
   authentication failure.  In addition, a new capability (AUTH-RESP-
   CODE) is defined.

Table of Contents

    1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . .  2
    2.  Conventions Used in this Document . . . . . . . . . . . . . . 2
    3.  Background   . . . . . . . . . . . . . . . . . . . . . . . .  2
    4.  The SYS Response Code   . . . . . . . . . . . . . . . . . . . 3
    5.  The AUTH Response Code   . . . . . . . . . . . . . . . . . .  3
    6.  The AUTH-RESP-CODE Capability   . . . . . . . . . . . . . . . 4
    7.  IANA Considerations   . . . . . . . . . . . . . . . . . . . . 4
    8.  Security Considerations  . . . . . . . . . . . . . . . . . .  4
    9.  References   . . . . . . . . . . . . . . . . . . . . . . . .  5
   10.  Author's Address  . . . . . . . . . . . . . . . . . . . . . . 5
   11.  Full Copyright Statement   . . . . . . . . . . . . . . . . .  6

Gellens                     Standards Track                     [Page 1]
RFC 3206          The SYS and AUTH POP Response Codes      February 2002

1.  Introduction

   RFC 2449 [POP3-EXT] defined extended [POP3] response codes, to give
   clients more information about errors so clients can respond more
   appropriately.  In addition to the mechanism, two initial response
   codes were defined (IN-USE and LOGIN-DELAY), in an attempt to
   differentiate between authentication failures related to user
   credentials, and other errors.

   In practice, these two response codes, while helpful, do not go far
   enough.  This memo proposes two additional response codes:  SYS and
   AUTH, which enable clients to unambiguously determine an optimal
   response to an authentication failure.

   In addition, a new capability (AUTH-RESP-CODE) is defined.

2.  Conventions Used in this Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [KEYWORDS].

3.  Background

   RFC 2449 [POP3-EXT] introduced the IN-USE and LOGIN-DELAY response
   codes.  The intent is to allow clients to clearly determine the
   underlying cause of a failure in order to respond.  For example,
   clients need to know if the user should be asked for new credentials,
   or if the POP3 session should simply be tried again later.  (Some
   deployed POP3 clients attempt to parse the text of authentication
   failure errors, looking for strings known to be issued by various
   servers which indicate the mailbox is locked.)

   IN-USE indicates that an exclusive lock could not be obtained for the
   user's mailbox, probably because another POP3 session is in progress.
   LOGIN-DELAY informs the client that the user has not waited long
   enough before authenticating again.

   However, there are other error conditions which do not require new
   credentials, some of which should be brought to the user's attention.

   Despite the IN-USE and LOGIN-DELAY responses, clients cannot be sure
   if any other error requires new user credentials.

Gellens                     Standards Track                     [Page 2]
RFC 3206          The SYS and AUTH POP Response Codes      February 2002

4.  The SYS Response Code

   The SYS response code announces that a failure is due to a system
   error, as opposed to the user's credentials or an external condition.
   It is hierarchical, with two possible second-level codes: TEMP and
   PERM.  (Case is not significant at any level of the hierarchy.)

   SYS/TEMP indicates a problem which is likely to be temporary in
   nature, and therefore there is no need to alarm the user, unless the
   failure persists.  Examples might include a central resource which is
Show full document text