sasl-browserid help with code review needed
Austin King
ozten at mozilla.com
Tue Sep 27 17:28:53 EDT 2011
I'm looking for a code review or any feedback on sasl-browserid.
This is a new SASL authentication mechanism for Mozillia's BrowserID
service.
Code:
https://github.com/ozten/mozillians
BrowserID background:
https://browserid.org/developers
Some questions I have:
* Is it okay to re-use SASL_CB_USER and SASL_CB_AUTHNAME
** SASL_CB_USER - browserid's assertion
** SASL_CB_AUTHNAME - browserid's audience
* Am I using the right error codes
* I'm clueless on how to setup max_ssf, any pointers?
** assertion is cyphertext already
** audience is a domain name and can be clear text
** communication with browserid.org is over https
* Any drastic changes that are needed to be considered for upstream
inclusion
* ???
Feedback could be via cyrus-devel, as github comments/issues, or via IRC
(irc.mozilla.org #identity)
thanks,
Austin King
More information about the Cyrus-devel
mailing list