[Standards] Proposed XMPP Extension: Extensible SASL Profile

Alexey Melnikov alexey.melnikov at isode.com
Mon Feb 13 13:49:30 UTC 2017


Hi,

On 09/02/2017 08:58, Evgeny Khramtsov wrote:

> Thu, 9 Feb 2017 08:40:49 +0000
> Dave Cridland <dave at cridland.net> wrote:
>
>> 3) <authenticate mechanism="EXTERNAL"/><!-- (or the long-hand form
>> with both opening and closing tags) - no initial response, so the
>> server will respond with an empty string challenge - encoded as
>> <challenge>=</challenge> -->
> I still do not understand, what's the point in sending
> <challenge>=</challenge>?
In the case of SASL EXTERNAL empty initial response has a special 
meaning, so it has to be encoded differently from absent initial response.

Initial SASL response was not in the original SASL specification, so it 
was added later. So some clients (possibly using older SASL libraries) 
would never emit it. The server can't know whether the client doesn't 
support initial response, so it has to respond to absent initial 
response with an empty string.

Best Regards,
Alexey



More information about the Standards mailing list