Re: Calculation of SASL GS2 mechanism names

[Simon Josefsson <jas@xxxxxxxxxxx>]

Alexey Melnikov <alexey.melnikov@xxxxxxxxx> writes:

> Sam Hartman wrote:
>
>>One question to consider is whether a gss implementation is more
>>likely to have the dot-separated OID or the BER form.
>>  
>>
> Does GSS-API specify how OIDs are stored?
>
>>Also, note that BER is canonical.  Consider the difference between 1.002 and 1.2

A side-note: BER isn't canonical.  DER is canonical, and GS2 uses it.
Unfortunately, RFC 2743 is not strict on the terminology, and mixes
BER and DER.

> I would rather say that the dot-separated form must be canonical,
> rather than forcing people to implement BER encoding in there SASL
> implementations ;-).

I don't care either way.

I suspect some SASL implementations will not bother to implement DER
encoding for GS2, but hard code the hand-computed SASL name for the
GSS-API mechanism they know are supported.

/Simon