[Standards-JIG] SASL Anonymous

Magnus Henoch mange at freemail.hu
Fri Aug 26 18:15:03 UTC 2005


I'm hacking an implementation of SASL Anonymous for ejabberd[0], and I
have a question about the protocol.  The mechanism specifies one input
parameter, "trace".

RFC 2245 says:

"The trace information should take one of three forms: an Internet
 email address, an opaque string which does not contain the '@'
 character and can be interpreted by the system administrator of the
 client's domain, or nothing."

draft-ietf-sasl-anon-05 says:

"The trace information, which has no semantical value, should take one
 of two forms: an Internet email address, an opaque string which does
 not contain the '@' (U+0040) character and can be interpreted by the
 system administrator of the client's domain."

In my implementation, I interpret the trace string as the username
part of the JID, and allow access if that JID is valid and not already
used.  I guess that can be defined as an opaque string.

Should this be codified somewhere, so clients know what to provide and
expect with regards to anonymous connections?  Or is this best left as
an implementation-dependent detail?

Does this belong in another forum?

Magnus

[0] http://www.jabber.ru/bugzilla/show_bug.cgi?id=122
-- 
JID: legoscia at jabber.cd.chalmers.se




More information about the Standards mailing list