John Levine writes: > After digging through a festival of acronyms, I ended up at RFC > 6616.
Thank you! > There are certainly OpenID libraries, but I don't know to what extent > anyone has written the code to splice them into SASL. Were we (on dmarc@ietf) talking all along about OpenID when we wrote "OAuth"? They're different, although I don't know exactly how or why (and neither RFC made obvious mention of the other :-( ). I'm not sure who you know among the authors of that RFC, but I've worked with Simon Josefsson, who would surely help if he has time, and has done a lot of implementation. (I suspect Barry knows him too.) Given that Simon is on the side of SASL/OpenID vs. OAuth, I suspect that OpenID is the more practical of the two standards. > I would propose doing the submission hack, explicitly noting that SASL > has a variety of different ways to authenticate with different > usability and security trade offs. I think that's a good starting point for discussion. With a little luck it could be quite close to eventual implementation, too. :-) Steve _______________________________________________ Mailman-Developers mailing list [email protected] https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
