[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL mechanisms that return no data in last leg

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: SASL mechanisms that return no data in last leg
From: Alexey Melnikov <Alexey.Melnikov@isode.com>
Date: Wed, 10 Mar 2004 12:14:51 +0900
Cc: lukeh@PADL.COM, ietf-ldapbis@OpenLDAP.org
In-reply-to: <6.0.1.1.0.20040309155948.0515df90@127.0.0.1>
References: <200403040556.QAA02107@au.padl.com> <404A778D.90302@isode.com> <6.0.1.1.0.20040309155948.0515df90@127.0.0.1>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)

Kurt D. Zeilenga wrote:

I'd have to agree with Alexey.  The mechanism for provide data
with the last leg of the exchange is optional.  That is, if there
is data to be sent AND the server chooses not to require
another roundtrip, the server can attach the data to last
message.

Another point is that SASL allows the mechanism data
in any message of the exchange to be any octet string,
including a zero length string.  Hence, it seems that
no string and a zero length string are not necessarily
semantically equivalent here.

This is correct, however LDAP is the first SASL profile I've seen that is able to represent them differently. Do you think that we should say something about this in the base SASL document?

Alexey

Follow-Ups:
- Re: SASL mechanisms that return no data in last leg
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- SASL mechanisms that return no data in last leg
  - From: Luke Howard <lukeh@PADL.COM>
- Re: SASL mechanisms that return no data in last leg
  - From: Alexey Melnikov <Alexey.Melnikov@isode.com>
- Re: SASL mechanisms that return no data in last leg
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Intro issues (Was: authmeth review notes [long])
Next by Date: Authentication issues (Re: authmeth review notes [long])
Index(es):
- Chronological
- Thread