<any octet from 00 to 377 (octal) except for
ASCII NUL (000), CR (015) and LF (012)>
Notes on Syntax:
1) To promote interoperability among variant
implementations, with respect to white space the above
syntax is understood to embody the "be conservative in
what you send and be liberal in what you accept"
philosophy. Clients and servers should not generate
unnecessary white space (space and tab characters) but
should accept white space anywhere except within a
token. In parsing responses, white space may occur
anywhere, except within a token. Specifically, any
amount of white space is permitted at the beginning or
end of a line both for queries and responses. This
does not apply for responses that contain a user ID
because everything after the colon after the operating
system type until the terminating CR/LF is taken as
part of the user ID. The terminating CR/LF is NOT
considered part of the user ID.
2) The above notwithstanding, servers should restrict the
amount of inter-token white space they send to the
smallest amount reasonable or useful. Clients should
feel free to abort a connection if they receive 1000
characters without receiving an .
3) The 512 character limit on user IDs and the 64
character limit on tokens should be understood to mean
as follows: a) No new token (i.e., OPSYS or ERROR-TYPE)
token will be defined that has a length greater than 64
and b) a server SHOULD NOT send more than 512 octets of
user ID and a client MUST accept at least 512 octets of
RFC 1413 Identification Protocol February 1993
user ID. Because of this limitation, a server MUST
return the most significant portion of the user ID in
the first 512 octets.
4) The character sets and character set identifiers should
map directly to those defined in or referenced by RFC 1340,
"Assigned Numbers" or its successors. Character set
identifiers only apply to the user identification field
- all other fields will be defined in and must be sent
as US-ASCII.
5) Although is defined as an <octet-string>
above, it must follow the format and character set
constraints implied by the <opsys-field>; see the
discussion above.
6) The character set provides context for the client to
print or store the returned user identification string.
If the client does not recognize or implement the
returned character set, it should handle the returned
identification string as OCTET, but should in addition
store or report the character set. An OCTET string
should be printed, stored or handled in hex notation
(0-9a-f) in addition to any other representation the
client implements - this provides a standard
representation among differing implementations.
6. Security Considerations
The information returned by this protocol is at most as trustworthy
as the host providing it OR the organization operating the host. For
example, a PC in an open lab has few if any controls on it to prevent
a user from having this protocol return any identifier the user
wants. Likewise, if the host has been compromised the information
returned may be completely erroneous and misleading.
The Identification Protocol is not intended as an authorization or
access control protocol. At best, it provides some additional
auditing information with respect to TCP connections. At worst, it
can provide misleading, incorrect, or maliciously incorrect
information.
The use of the information returned by this protocol for other than
auditing is strongly discouraged. Specifically, using Identification
Protocol information to make access control decisions - either as the
primary method (i.e., no other checks) or as an adjunct to other
methods may result in a weakening of normal host security.
RFC 1413 Identification Protocol February 1993
An Identification server may reveal information about users,
entities, objects or processes which might normally be considered
=4= |
