[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SASL, TLS and SSLv3



On  2 Dec, Jon Parry-McCulloch wrote:
> 
> 
> 	Quote from rfc2222 (Simple Authentication and Security Layer):
> 
> 	 During the authentication protocol exchange, the mechanism
> performs
> 	   authentication, transmits an authorization identity
> (frequently known
> 	   as a userid) from the client to server, and negotiates the
> use of a
> 	   mechanism-specific security layer.  If the use of a security
> layer is
> 	   agreed upon, then the mechanism must also define or negotiate
> the
> 	   maximum cipher-text buffer size that each side is able to
> receive.
> 
> 	This is still not encryption per se. It is merely negotiating a
> protocol for the client and server to use between them.
> 
> 	Jon
Yep, but SASL compliance would require support for encryption in libs
and servers and thus make the openldap source a weapon.

Bart 

-- 
// Bart Hartgers  <Hartgers@kfm1.phys.tue.nl>
// UCE NOT wanted!!