On Fri, Jan 25, 2019 at 12:39 AM, Jonas Schäfer <[email protected]>
wrote:
My understanding is that Dave talks about Mandatory To Implement,
which is
something different than Mandatory To Deploy / Mandatory To Offer (at
least
that’s what I get from reading the relevant section in RFC 6120).
I think this is false dichotomy. But let's say it's ok. We still can
see negative outcomes of our decisions and try do our best to prevent
operators from running non-interoperable systems (and the system
without mandatory SASL mechanisms will not be interoperable, otherwise,
why would we need them to be mandatory?). To make sure, I clarify my
previous preferred MTI mechanisms (taking into consideration what Ivan
said above)
For servers: MUST for PLAIN, SHOULD for EXTERNAL and SCRAMs
For clients: MUST for PLAIN and EXTERNAL, SHOULD for SCRAMs
In this case our MTI will meet operator's needs and will prevent
potential interop problems with SCRAM.
_______________________________________________
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: [email protected]
_______________________________________________
