[Standards] XEP-0388 (SASL2) Update

Dave Cridland dave at cridland.net
Tue Aug 15 16:14:00 UTC 2017


On 15 August 2017 at 17:08, Sam Whited <sam at samwhited.com> wrote:
> On Tue, Aug 15, 2017, at 10:12, Dave Cridland wrote:
>> * <continue/> now talks about "tasks" rather than special SASL
>> mechanisms. Tasks have essentially the same interface as SASL mechs,
>> but do different things - trying to shoehorn them into the same thing
>> wasn't mentally working for me, and for some reason everything got
>> simpler after I stopped pretending.
>
> These do seem like the same thing to me (although I don't have a strong
> opinion on this either way); what are the differences as you see them?

You can't use the post authentication tasks as normal SASL mechanisms,
and normal SASL mechanisms don't work as tasks either.

For example, a normal SASL mechanism decides what authorization
identifier to use; a task can't change that, and uses that as input.

So using a stock SASL framework, like Java's or Cyrus, to drive these
just breaks everywhere.

Dave.


More information about the Standards mailing list