[jdev] SASL question on RFC 3920
Christoph Schmidt
csc at newbase.de
Thu Jan 6 07:16:50 CST 2005
Jens Mikkelsen schrieb:
> On Thu, 2005-01-06 at 13:37, Christoph Schmidt wrote:
>
>>TLS is for encryption, SASL for authentication only.
>>
>
> So there is no encryption at all with SASL? What is it then? It is a
> MUST.
In case you use TLS, the whole XML Stream is encrypted from the end of
TLS negotiation up to the end of the stream (and as TLS negotiation
always comes before SASL negotiation, SASL is encrypted too in that
case). Another common solution is usin SSL-encrypted sockets.
>
>
>>Jens Mikkelsen schrieb:
>
> [...]
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mail.jabber.org/mailman/listinfo/jdev
More information about the JDev
mailing list