[Standards] Proposed XMPP Extension: Extensible SASL Profile

Dave Cridland dave at cridland.net
Thu Feb 9 09:41:43 UTC 2017


On 9 February 2017 at 08:58, Evgeny Khramtsov <xramtsov at gmail.com> wrote:
> Thu, 9 Feb 2017 08:40:49 +0000
> Dave Cridland <dave at cridland.net> wrote:
>
>> 3) <authenticate mechanism="EXTERNAL"/><!-- (or the long-hand form
>> with both opening and closing tags) - no initial response, so the
>> server will respond with an empty string challenge - encoded as
>> <challenge>=</challenge> -->
>
> I still do not understand, what's the point in sending
> <challenge>=</challenge>?

Because the server has to send an empty string, not the absence of a challenge.

It's possible that no challenges or responses are ever absent,
actually - in which case we can simplify things enormously if we
choose. It's also possible I've misunderstood things.

Dave.


More information about the Standards mailing list