[Date Prev][Date Next]
RE: SASL, TLS and SSLv3
On 2 Dec, Jon Parry-McCulloch wrote:
> Quote from rfc2222 (Simple Authentication and Security Layer):
> During the authentication protocol exchange, the mechanism
> authentication, transmits an authorization identity
> (frequently known
> as a userid) from the client to server, and negotiates the
> use of a
> mechanism-specific security layer. If the use of a security
> layer is
> agreed upon, then the mechanism must also define or negotiate
> maximum cipher-text buffer size that each side is able to
> This is still not encryption per se. It is merely negotiating a
> protocol for the client and server to use between them.
Yep, but SASL compliance would require support for encryption in libs
and servers and thus make the openldap source a weapon.
// Bart Hartgers <Hartgers@kfm1.phys.tue.nl>
// UCE NOT wanted!!