[Standards] SASL2 Update incoming

Dave Cridland dave at cridland.net
Fri Aug 25 22:22:52 UTC 2017

On 25 August 2017 at 18:53, Evgeny Khramtsov <xramtsov at gmail.com> wrote:
> In fact, I would like to see
> log-in procedure in a *single* request-response and in this case we
> gain a lot, I can even resign myself to significant RFC replacement in
> this case.


That does the authentication itself in 1-RTT, assuming that a client
pipelines the authenticate with the stream-open and has cached the

We can add more features to this (resource binding, roster versioning,
MAM/Carbons/etc) quite easily, which we cannot with the RFC SASL.

SASL2 is *not* a panacea, as Sam says - but it is an enabling measure.


More information about the Standards mailing list