[Standards] SASL2 Update incoming

Sam Whited sam at samwhited.com
Fri Aug 25 14:03:02 UTC 2017


On Fri, Aug 25, 2017, at 06:33, Dave Cridland wrote:
> Comments are most welcome!

The only thing I think needs to be changed right now, though it sounds
minor, is that the response to select the SASL stream feature does not
match the feature advertised. The server offers "<mechanisms/>" and the
client responds with "<authenticate/>. While I know there's no
requirement in 6120 that these match, it's an assumption that would be
nice to be able to make in some future stream negotiation protocol (and,
in my experience, simplifies writing stream feature APIs). Doing it now
could help ensure future compatibility. The current SASL profile is, I
think, the only widely used stream feature where the response does not
match the advertised feature, so it would also be nice for consistencies
sake if nothing else.

Thanks for all your work on this! I'll hopefully update my
implementation with your changes soon.

—Sam


More information about the Standards mailing list