possible XMPP SASL bug?
Joe Hildebrand
joe.hildebrand at webex.com
Thu Apr 29 22:07:44 UTC 2010
On 4/29/10 3:28 PM, "Evan Schoenberg, M.D." <evan.s at dreskin.net> wrote:
> Trying all available mechanisms is the correct behavior, as far as I am aware.
> See http://trac.adium.im/ticket/8108 for a realworld use-case of this, in
> which GSSAPI is tried, and, if it fails, the desired behavior is to attempt
> CRAM-MD5 or DIGEST-MD5 password-based authentication.
The bug is less of an issue than it used to be, since XEP-78 old-style
authentication has been deprecated. Servers tend to implement SASL PLAIN
instead.
> Peter, could you please weigh in on the correct SASL authentication behavior
> when multiple co-compatible mechanisms are available and the first one
> attempted fails?
I'm interested in Peter's input, too.
--
Joe Hildebrand
More information about the devel
mailing list