[Standards] TOTP and enforced password changes in SASL2

Dave Cridland dave at cridland.net
Thu Aug 24 18:49:55 UTC 2017


On 24 August 2017 at 17:02, Kevin Smith <kevin.smith at isode.com> wrote:
> On 24 Aug 2017, at 16:56, Dave Cridland <dave at cridland.net> wrote:
>> Moreover, SASL2 is designed to handle a lot more than just TOTP etc -
>> we can merge in resource binding without any additional round-trips,
>> for example, if I can ever persuade Kev to see things my way. So it's
>> more efficient, and more incentive to get people to add SASL2 support.
>
> I’m not at all opposed to merging bind2 into sasl2 in some sensible way. I was opposed to delaying discussing and getting a strawman out for bind2 until after we had sasl2, because I suspected sasl2 to be contentious and wanted the discussion sooner than later.

Oh, I know that. I meant you want to remove the ability to allow
clients to pick a resource.

I think we're all agreed on making bind2 a SASL2 thing.

Dave.


More information about the Standards mailing list