ietf-nntp Re: WG Review: Simple Authentication and SecurityLayer
(sasl)
Ken Murchison
ken at oceana.com
Tue Dec 17 11:25:58 PST 2002
Russ Allbery wrote:
>
> Jeffrey M Vinocur <jeff at litech.org> writes:
> > On Tue, 17 Dec 2002, Charles Lindsey wrote:
>
> >> So I still think we need a much lighter-weight system that just
> >> encrypts the AUTHINFO stage.
>
> > Note that despite the absence of any existing SASL mechanism to do this,
> > there's no reason one can't exist, and so this need not be considered an
> > objection to AUTHINFO SASL itself.
>
> In fact, SASL gets you a lot closer, since once you have SASL all you have
> to do is implement a new SASL mechanism and you don't have to worry about
> the rest of the protocol; the SASL profile will take care of all of that
> for you.
>
> This conversation seems to be going around in circles. :)
Yes it does!
Let's discontinue this thread until we get Jeff's I-D and some
implementation experience. FWIW, I already have working SASL and
STARTTLS implementations in the Cyrus server based on Chris Newman's
original draft (similar to the IMAP/POP3/SMTP profiles). My guess (and
fear) is that these won't jive with Jeff's first draft, unless Rob and I
were very persuasive in our arguments. ;)
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the ietf-nntp
mailing list