[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
protocol: new SASL layers
I believe this text should be deleted.
> If a SASL transfer encryption or integrity mechanism has been negotiated,
> that mechanism does not support the changing of credentials from one
> identity to another, then the client MUST instead establish a new
> connection.
Each SASL negotiation is, generally, independent of other SASL
negotiations. If there were dependencies between multiple
negotiations of a particular mechanism, the mechanism technical
specification should detail how applications are to deal with
them. LDAP should not require any special handling. And if
an LDAP client had used such a mechanism, it would have the
option of using another mechanism.
Comments?
Kurt