On 21.03.2017 01:21, Peter Saint-Andre wrote: > On 3/20/17 4:23 PM, Dave Cridland wrote: >> On 20 March 2017 at 22:04, Florian Schmaus <f...@geekplace.eu> wrote: >>> On 20.03.2017 22:32, Dave Cridland wrote: >> Incidentally, I think a token-based SASL mechanism might be generally >> useful; > > We already have a token-based authentication mechanism for OAuth 2 > <https://datatracker.ietf.org/doc/rfc7628/> but perhaps that's not what > you had in mind...
I've also looked into that RFC, but as far as I can tell: - No channel binding - No mutual authentication - Does not signal the hash-algo as part of its SASL name → not suitable for ISR. - Florian
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________