Re: [Standards] XEP-0388 (SASL2) Update
On 15 August 2017 at 17:08, Sam Whited wrote:
> On Tue, Aug 15, 2017, at 10:12, Dave Cridland wrote:
>> * now talks about "tasks" rather than special SASL
>> mechanisms. Tasks have essentially the same interface as SASL mechs,
>> but do different things - trying to shoehorn them into the same thing
>> wasn't mentally working for me, and for some reason everything got
>> simpler after I stopped pretending.
>
> These do seem like the same thing to me (although I don't have a strong
> opinion on this either way); what are the differences as you see them?

You can't use the post authentication tasks as normal SASL mechanisms,
and normal SASL mechanisms don't work as tasks either.

For example, a normal SASL mechanism decides what authorization
identifier to use; a task can't change that, and uses that as input.

So using a stock SASL framework, like Java's or Cyrus, to drive these
just breaks everywhere.

Dave.
___
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: standards-unsubscr...@xmpp.org
___
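
The distinction drawn in the reply above, as an added Python sketch that is not part of the original thread and not taken from XEP-0388, Openfire or stanza.io: a SASL PLAIN mechanism (RFC 4616) chooses the authorization identifier, while a post-authentication task receives it as fixed input. The class names, the password-change task and the in-memory credential store are hypothetical.

```python
# Added illustration. Class names, the task and the store are hypothetical.
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class Identity:
    authzid: str  # authorization identifier fixed by the SASL mechanism

class PlainMechanism:
    """SASL PLAIN (RFC 4616): message = [authzid] NUL authcid NUL passwd."""
    def __init__(self, passwords):
        self.passwords = passwords  # constructed sample store: user -> password

    def evaluate(self, response: bytes) -> Identity:
        parts = response.split(b"\x00")
        if len(parts) != 3:
            raise ValueError("malformed PLAIN message")
        authzid, authcid, passwd = (p.decode("utf-8") for p in parts)
        stored = self.passwords.get(authcid)
        if stored is None or not hmac.compare_digest(stored.encode(), passwd.encode()):
            raise PermissionError("authentication failed")
        # The mechanism decides the authorization identifier. Toy policy:
        # a user may only act as themselves.
        if authzid and authzid != authcid:
            raise PermissionError("not allowed to act as requested authzid")
        return Identity(authzid or authcid)

class PasswordChangeTask:
    """Post-authentication task: the identity is an input, never an output."""
    def __init__(self, identity: Identity, passwords):
        self.identity = identity
        self.passwords = passwords

    def evaluate(self, response: bytes) -> None:
        new_password = response.decode("utf-8")
        if not new_password:
            raise ValueError("empty password")
        # Client data carries only the new password; the account comes from
        # the identity established earlier, so it cannot be redirected.
        self.passwords[self.identity.authzid] = new_password

def login_with_forced_change(store, plain_msg: bytes, new_pw: bytes) -> Identity:
    """Run the mechanism first, then drive the task with its result."""
    identity = PlainMechanism(store).evaluate(plain_msg)
    PasswordChangeTask(identity, store).evaluate(new_pw)
    return identity
```

The two `evaluate` methods look alike, but the mechanism returns an identity and the task has nowhere to return one, which is why a framework that expects every step to yield an authorization identifier cannot drive the task.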
Re: [Standards] XEP-0388 (SASL2) Update
On Tue, Aug 15, 2017, at 10:12, Dave Cridland wrote:
> * now talks about "tasks" rather than special SASL
> mechanisms. Tasks have essentially the same interface as SASL mechs,
> but do different things - trying to shoehorn them into the same thing
> wasn't mentally working for me, and for some reason everything got
> simpler after I stopped pretending.

These do seem like the same thing to me (although I don't have a strong
opinion on this either way); what are the differences as you see them?

—Sam
[Standards] XEP-0388 (SASL2) Update
GitHub PR: https://github.com/xsf/xeps/pull/493

Folks,

I've had a bit of a crack at implementing SASL2 in Openfire, with a view
to getting "Password change at next login" and (in the future) TOTP
support in place around SASL2. I've also implemented it in stanza.io.

In the course of this, I found various things about the design which
either didn't work, or else caused rather more effort than I really
wanted.

The main changes I've made are:

* I did away with the "=" encoding for empty strings. It was daft, as
  Alexey suggested, and wasn't required.
* is now followed immediately by . Otherwise it's very hard to decide
  what to do next. There's no stream restart, so this is still keeping
  the RTTs down.
* now talks about "tasks" rather than special SASL mechanisms. Tasks
  have essentially the same interface as SASL mechs, but do different
  things - trying to shoehorn them into the same thing wasn't mentally
  working for me, and for some reason everything got simpler after I
  stopped pretending.

These changes made it fairly straightforward to implement.

Comments welcome...

Dave.