RE: [bagder/curl] 0d24f6: sasl: implement EXTERNAL authentication mechanism.
Date: Wed, 28 Jan 2015 20:29:27 +0000
On Tue, 27 Jan 2015, GitHub wrote:
> sasl: implement EXTERNAL authentication mechanism.
Many thanks for adding this and for knocking another TODO off the list ;-)
I have often thought about adding this myself as I believed it was relatively easy to do, due to the authentication identifier being in the same format as the username in LOGIN, however I had always had the following concerns:
* Do we need to limit this to TLS upgraded sessions - the examples in the RFC seem to use this as the EXTERNAL authentication mechanism?
* Are there other EXTERNAL mechanisms that can be used rather than client certificates?
* Should we implement support for an empty authentication identifier (via an empty username) as I believe is allowed in the RFC or do your modifications already cater for this?
- text/plain attachment: Untitled_attachment_00156.txt