
Re: SASL/EXTERNAL and CLDAP



At 11:31 AM 6/5/00 -0700, Bruce Greenblatt wrote:
>Why couldn't I write a draft titled "Using SASL/EXTERNAL mechanism in 
>connectionless protocols"?

SASL/EXTERNAL is a part of SASL.  SASL is designed for use
by application protocols which use connection oriented transports.
Though one can base a new framework for application protocols
which use connectionless transports, any Standard Track specification
for such must be complete.  Defining a connectionless SASL/EXTERNAL
without connectionless SASL makes no sense to me.  Anyways, such
work would likely be out of scope of CLDAP and LDAPext WG.

CLDAP must provide a secure authentication mechanism designed
for use with the intended transport.   In lieu of a general
framework supporting connectionless transports, I suggest a
simple, yet secure authentication choice be added.  However,
there may be other choices; I would suggest we consult the
Security Area folks for a recommendation in this area.