On Tue, 27 Jan 2015, GitHub wrote: > sasl: implement EXTERNAL authentication mechanism.
Many thanks for adding this and for knocking another TODO off the list ;-) I have often thought about adding this myself as I believed it was relatively easy to do, due to the authentication identifier being in the same format as the username in LOGIN, however I had always had the following concerns: * Do we need to limit this to TLS upgraded sessions - the examples in the RFC seem to use this as the EXTERNAL authentication mechanism? * Are there other EXTERNAL mechanisms that can be used rather than client certificates? * Should we implement support for an empty authentication identifier (via an empty username) as I believe is allowed in the RFC or do your modifications already cater for this? Kind Regards Steve
_______________________________________________ curl-commits mailing list curl-comm...@cool.haxx.se http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-commits
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
