[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
brief authmeth notes
After a brief look at authmeth-13, the changes that have been done so
far mostly look good. A few exceptions:
> 10. SASL EXTERNAL Authentication Mechanism
> The authorization identity used to determine the state of the
> association is derived from the security credentials in an
> implementation-specific manner.
This is wrong, the authorization identity may be sent with the EXTERNAL
request. 'Authentication identity' is derived... in authmeth-12 was
right, as far as I can tell.
I notice the suggestion to remove authentication 'state' in thread
"authmeth: association -= authentication ID" was taken, but Appendix A
retains one "authentication state" which should probably be
"authorization state" or "association state".
--
Hallvard