[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: authmeth-07 issues

To: ietf-ldapbis@OpenLDAP.org
Subject: Re: authmeth-07 issues
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Wed, 15 Oct 2003 13:28:33 +0200
In-reply-to: <HBF.20031014pk3@bombur.uio.no>
References: <HBF.20031014pk3@bombur.uio.no>

I wrote:

> State the effect of a failed SASL bind or a non-SASL bind on an existing
> SASL security layer.  I expect it would be something like this:
> 
>   A bindRequest (successful or not) which is not successfully abandoned,
>   cancels [is that the right word?] any previously established SASL
>   security layer, so that the bindResponse is sent without that layer.
> 
> [Or - if there are outstanding, possibly-abandoned requests, will the
> client know when the security layer gets cancelled?  Does the layer
> itself necessarily contain a "cancel" operation so the client can tell?]

Sorry, I was thinking of ease of SASL implementations when I wrote this.
A way which would be predictable is for the layer to be cancelled after
the server response.  I don't know _which_ server response though...
I'll take this to the SASL list (ietf-sasl@imc.org).

-- 
Hallvard

References:
- authmeth-07 issues
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Re: authmeth-07 issues
Next by Date: RE: Steven's protocol comments
Index(es):
- Chronological
- Thread