[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: SASL, TLS and SSLv3
Quote from rfc2222 (Simple Authentication and Security Layer):
During the authentication protocol exchange, the mechanism
performs
authentication, transmits an authorization identity
(frequently known
as a userid) from the client to server, and negotiates the
use of a
mechanism-specific security layer. If the use of a security
layer is
agreed upon, then the mechanism must also define or negotiate
the
maximum cipher-text buffer size that each side is able to
receive.
This is still not encryption per se. It is merely negotiating a
protocol for the client and server to use between them.
Jon