[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: I-D Action:draft-ietf-sasl-channel-bindings-00.txt
Kurt Zeilenga wrote:
As RFC 4422 doesn't itself attempt to abstract away the differences
between mechanisms, it can and should remain mum here.
I actually disagree. When I think about SASL I am thinking about such
For example a protocol service name is a part of this abstraction, even
though mechanism are not required to use it. Authorization identity is
Likewise, RFC 4422 ought not try to abstract away the differences in
mechanisms that support channel bindings. For instance, presently
the suggestion is mandate two names per mechanisms.
I disagree with your first statement in this paragraph, but I am
agreeing with the second.
But what if tomorrow we find this isn't good enough. We'd have to
update RFC 4422 to allow introduction of something which was just
because we were short-sighted today.