[Standards] Proposed XMPP Extension: Extensible SASL Profile

Dave Cridland dave at cridland.net
Mon Feb 13 17:04:51 UTC 2017


On 13 February 2017 at 15:53, Evgeny Khramtsov <xramtsov at gmail.com> wrote:
> Mon, 13 Feb 2017 13:49:30 +0000
> Alexey Melnikov <alexey.melnikov at isode.com> wrote:
>
>> Initial SASL response was not in the original SASL specification, so
>> it was added later. So some clients (possibly using older SASL
>> libraries) would never emit it. The server can't know whether the
>> client doesn't support initial response, so it has to respond to
>> absent initial response with an empty string.
>
> OK, I see, thanks.
> Anyway, would be great adding brief rationale why this does matter,
> because that's not only me who thought there is no difference and treats
> "=" as an empty string (from private conversations with other
> developers).

Given Alexey's explanation, we might actually be able to get rid of
the distinction - that is, if it's not needed in <challenge/> and
<response/>, the new profile has optional elements for the other
cases. (I'd need to "fix" next-authenticate/> though).


More information about the Standards mailing list