[standards-jig] Re: [Foundation] Last Minute JEP 78 Concerns
thoutbeckers at splendo.com
Tue May 27 17:16:13 UTC 2003
Peter Saint-Andre <stpeter at jabber.org> wrote on 27-5-2003 17:45:00:
>OK. I guess I have two questions:
>1. Is it realistic to expect clients on all platforms to support SASL?
>Remember that I'm not a coder. :-) However, I've been told that it is
>unreasonable to expect some platforms (J2ME is the main one I've heard
>mentioned) to support SASL authentication anytime soon.
It's not that it can't be implemented in J2ME. It's more that it takes
more code to do so. Currently many popular J2ME target devices that
will be here for the next few years have a 64KB or even 50KB limit on
program size. But even SHA1 is often too big then, wich I believe is
required by SASL!
That currently leaves only plaintekst. You can do better (for mobile
phones) if you work together with the operators but that's a painfull
and slow process, and ofcourse not available to everyone. Another
alternative is that some devices support making an HTTP request over
SSL, wich could be used for external authentication. Some newer devices
will support SSL sockets as well.
Software Engineer @ Splendo
More information about the Standards