ietf-nntp Re: WG Review: Simple Authentication and Security
Layer (sasl)
Russ Allbery
rra at stanford.edu
Tue Dec 17 10:06:37 PST 2002
Jeffrey M Vinocur <jeff at litech.org> writes:
> On Tue, 17 Dec 2002, Charles Lindsey wrote:
>> So I still think we need a much lighter-weight system that just
>> encrypts the AUTHINFO stage.
> Note that despite the absence of any existing SASL mechanism to do this,
> there's no reason one can't exist, and so this need not be considered an
> objection to AUTHINFO SASL itself.
In fact, SASL gets you a lot closer, since once you have SASL all you have
to do is implement a new SASL mechanism and you don't have to worry about
the rest of the protocol; the SASL profile will take care of all of that
for you.
This conversation seems to be going around in circles. :)
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the ietf-nntp
mailing list