Mark Doliner wrote: > Oh Oct 24, 2007 at 3:38 PM Peter Saint-Andre wrote: >> Mark Doliner wrote: >>> On Oct 24, 2007 at 1:50 PM Peter Saint-Andre wrote: >>>> 6. XEP-0175: Best Practices for Use of SASL ANONYMOUS >>>> >>>> Approve version 1.1pre1? >>>> >>>> All Council members in attendance voted +1. Ralph to vote on the list. >>>> Dave raised issue about possible confusion regarding trace data. >> Council >>>> wordsmithed an acceptable solution during the meeting: >>>> >>>> http://svn.xmpp.org:18080/browse/XMPP/trunk/extensions/xep- >>>> 0175.xml?r1=1297&r2=1310 >>> The revised text says, "although RFC 4505 allows the initiating entity >> (client) to provide so-called 'trace data' when authenticating via SASL >> ANONYMOUS, it is NOT RECOMMENDED to include trace data as the XML >> character data of the <auth/> element (instead, the <auth/> element SHOULD >> be empty). However, if trace data is included, the server MUST NOT use it >> for any purpose other than tracing (e.g., in server logs)." >>> However, this seems to conflict with section 7.5.5 of draft-saintandre- >> rfc3920bis-04 [1] which shows a "malformed-request" failure when this data >> is provided for SASL ANONYMOUS. >> >> I think I already fixed that: >> >> http://svn.xmpp.org:18080/browse/XMPP/trunk/internet-drafts/draft- >> saintandre-rfc3920bis-05.xml?r1=1294&r2=1296 > > Oh, er, is "[ ... extremely-long-token ... ]" intended to imply that the > token is unusably long, like a million characters or something absurd?
It's intended to mean that it violates the rule from RFC 4505:
token = 1*255TCHAR
/psa
smime.p7s
Description: S/MIME Cryptographic Signature
