[jdev] SASL question on RFC 3920
Christoph Schmidt
csc at newbase.de
Thu Jan 6 06:37:15 CST 2005
TLS is for encryption, SASL for authentication only.
Jens Mikkelsen schrieb:
> Hi List,
>
> I don't know much about SASL, so I have a question on this.
>
> In RFC 3920 it says:
> When negotiating XML streams in XMPP 1.0, TLS SHOULD be used as
> defined under Use of TLS (Section 5) and SASL MUST be used as defined
> under Use of SASL (Section 6).
>
> When i sniff the data when I am authenticating everything is clear text.
> Dosn't SASL encrypt this or have I misunderstood something? Or is the
> encryption being handled on an other network layer?
> If there is encryption is only during authentication or is it in
> general?
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mail.jabber.org/mailman/listinfo/jdev
More information about the JDev
mailing list