On Thu, Jan 24, 2019 at 9:40 PM Jonas Schäfer <jo...@wielicki.name> wrote: > > On Donnerstag, 24. Januar 2019 21:03:27 CET Evgeny wrote: > > I personally prefer: > > 1) MUST for EXTERNAL and PLAIN > > 2) SHOULD for SCRAM-SHA-X-Y (I'd prefer not to use SCRAM at all > > given all the problems I have described in another thread) > > My understanding is that Dave talks about Mandatory To Implement, which is > something different than Mandatory To Deploy / Mandatory To Offer (at least > that’s what I get from reading the relevant section in RFC 6120).
I'd prefer if it remained explicitly stated that clients are to implement PLAIN. Legacy auth backends or auth libraries may require ingesting the password verbatim. _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________
