[jdev] SASL question on RFC 3920
Jens Mikkelsen
gyldenskjold at mail.dk
Thu Jan 6 07:20:14 CST 2005
On Thu, 2005-01-06 at 14:13, Trejkaz Xaoza wrote:
> On Fri, 7 Jan 2005 00:07, Jens Mikkelsen wrote:
> > On Thu, 2005-01-06 at 13:37, Christoph Schmidt wrote:
> > > TLS is for encryption, SASL for authentication only.
> >
> > So there is no encryption at all with SASL? What is it then? It is a
> > MUST.
>
> If encryption is a must, then use TLS for the encryption. Nothing stops you
> using both... in fact, the spec explicitly says you can.
>
Encryption is not a must in that matter. The RFC says that SASL MUST be
implemented and TLS SHOULD.
What I can't find out is, what SASL exactly does.
> TX
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://www.jabber.org/jdev/attachments/20050106/0b5bb802/attachment-0002.pgp>
More information about the JDev
mailing list