[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SASL mechanisms via GSS-API and round trips
>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams@xxxxxxx> writes:
Nicolas> Sam, GS2 takes adavantage of PROT_READY where available.
No, GS2 implementations may take advantage of prot_ready where available but are not required to do so.
Nicolas>
Nicolas> I think that's enough. I don't think there's any need to
Nicolas> require PROT_READY support of new mechanisms, though I
Nicolas> would strongly recommend PROT_READY support where it is
Nicolas> actually feasible (I can imagine mechanisms where
Nicolas> PROT_READY couldn't be signalled before GSS_S_COMPLETE).
I explained why I don't think this is enough. I'd appreciate an explanation of why I'm wrong.
Note, I'm only saying we should require prot_ready for new mechanisms
that people are going to want to implement as sasl native, not for all
new mechanisms.