[squid-dev] Support lower case http/ spn format for realmd/adcli join support.
Amos Jeffries
squid3 at treenet.co.nz
Wed Jun 27 22:20:51 UTC 2018
On 28/06/18 08:24, Mike Surcouf wrote:
> Thanks Amos for your comprehensive reply.. open SSH requires lower case
> host/ and as you say windows doesn't seem to care so they solved it for
> that case but seems that uppercase is the convention for HTTP.
> Do you have an official reference for HTTP/. As the official uppercase
> format of SPN for http protocol.i will then file a bug on the adcli repo.
>
If I'm understanding the descriptions right it is
<https://tools.ietf.org/html/rfc4120#section-6.2> .
with the SPN being "realm/principal"
6.1 says realm is case sensitive.
6.2 says principal is case insensitive and syntax may be of several
types, one of those being:
principal = name '@' host
I am taking an educated guess that since the resulting syntax of those
would look like REALM/SomeName at example.org that is what the SPN string
is based on.
The case of "HTTP" as in transport is RFC 7230. Specifically section 2.6
(<https://tools.ietf.org/html/rfc7230#section-2.6>) where the exact
octets are prescribed:
"
HTTP-name = %x48.54.54.50 ; "HTTP", case-sensitive
"
Anything else is non-compliant with HTTP and may contain arbitrary other
errors in both syntax and behaviour - handle at own risk, etc.
Amos
More information about the squid-dev
mailing list