-
Sam Whited
> If the initiating entity subsequently sends another <auth/> element and the ongoing authentication handshake has not yet completed, the receiving entity MUST discard the ongoing handshake and MUST process a new handshake for the subsequently requested SASL mechanism. Does anyone have any idea why this is? It seems like a bad idea (and anything that's just a throw-away sentence in an RFC with no explanation modifying something security critical like authentication makes me nervous)
-
defanor
The failure handling section (6.4.5) sounds like it is for that, possibly just saving an explicit abort by allowing to start over before it's completed/aborted.
-
Sam Whited
ahhh, yah, I missed that it's mentioned again later on. Using it for retries makes sense.
-
Sam Whited
Thanksk
-
Sam Whited
Thanks, even