[ejabberd] Re: Can't mix XMPP and non-SASL auth

Leif Johansson leifj at it.su.se
Thu Nov 11 19:21:46 MSK 2004

Andreas van Cranenburgh wrote:
> On Thu, Nov 11, 2004 at 04:57:50PM +0100, Magnus Henoch wrote:
>>Peter Saint-Andre <stpeter at jabber.org> writes:
>>>And a client that doesn't do SASL should not say that it supports XMPP 
>>>1.0, either.
>>Hm, I guess that's right.  But, if SASL is required for XMPP
>>compliance, and XMPP is required for advertising stream features,
>>what's the point of having a stream feature for non-SASL
> Because perhaps forcing SASL on people is not such nice thing to do
> I for one don't really like it, within an SSL connection it doesn't have
> security benefits and the S for Simple in SASL is such a frustrating lie!
> I've spent hours on debugging it so that it would work on my mailserver
> (works now, with a few kludges).

The secret answer is that SASL is only worth the effort if you
are using GSSAPI which often implies a Kerberos or Globus/GRID

	MVH leifj

More information about the ejabberd mailing list