DIGEST-MD5 authzid question

Dave Cridland dave at cridland.net
Fri Feb 2 18:50:38 EST 2007


On Fri Feb  2 20:27:30 2007, Remko Tronçon wrote:
>> I would guess that it's to avoid the case where a server
>> implementation always rejects any request for an authzid.
> 
> Well, I have this problem with an XMPP server, but in XMPP, the
> authzid for a user is different from its authid, so the check 
> doesn't
> help. Luckily, an authzid in XMPP can never be used as an authid, so
> we don't have a problem with the equality check.

Oh. Then my client code's wrong - I've been cheerfully sending a full 
jid, but yes, RFC3920 6.1.6 clearly states I'm wrong to do so. That 
said, I'm more than a little surprised, since the domain will end up 
filled in by the server based on previous stuff anyway.

(My client code does seem to interoperate, FWIW).

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at jabber.org
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade


More information about the Cyrus-sasl mailing list