[Standards] Anonymous SASL and Presence
dave at cridland.net
Tue Jun 30 16:09:34 UTC 2009
On Tue Jun 30 16:46:04 2009, Eloi Bail wrote:
> To authenticate to a XMPP server, I must implement encryption. I
> wanted to
> test without it, to have a XMPP client as light as possible...
> I have to go strait to SASL with encryption so...
Although the specification says that plaintext authentication MUST
NOT be offered without an encryption layer in place, I'm not aware of
any server that does not offer a configuration where plaintext
authentication without any TLS is allowed.
I'm pretty sure that the majority of deployments offer both SASL
PLAIN, and the older XEP-0078, without any TLS or other encryption.
That said, there are also lots of SASL libraries and TLS libraries,
for almost every language, so if you *are* implementing encryption,
that's probably a bad thing anyway. :-)
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
More information about the Standards