18 Mar
2024
18 Mar
'24
10:58 a.m.
On Mon, 18 Mar 2024, 17:32 Stephen Paul Weber, <singpolyma(a)singpolyma.net>
wrote:
Except that it is not. For example all of the SCRAM-SASL-* profiles can
easily support authentication with any of the passwords on an account, but
they need to know in advance which one is being used. So SASL mechanism is
insufficient for selecting credential by itself.
The same goes for the HT-* token mechanisms.
Yes, I mean, the SASL profile itself doesn't do anything there.
If you want to indicate a particular credential, you could use the
authentication identifier to select which, and the authorization identifier
might remain the same. Or a mechanism might support multiple credentials.
But the SASL profile isn't involved here.
_______________________________________________
However it does lack any way to support indicating to
the server
which
credential will be used, other than perhaps by implication from the SASL
mechanism.
That's not the purview of a SASL profile. If a SASL mechanism supports
multiple credentials, that's entirely encapsulated within that mechanism. Standards mailing list -- standards(a)xmpp.org
To unsubscribe send an email to standards-leave(a)xmpp.org