...along with Alexey's recent request for policy/encryption
strength.
Yes. This should be, IMO, a high priority.
And not over-engineered. Let's solve the SASL problem and nothing
more.
I agree. I want nothing to do with, for example, a language for
expressing cryptographic quality of protection policies. I want only a
way to obtain non-hard-coded, context-specific policies. The key is
context-specific (because the Kerberos mech can use any enctype in a
context-specific way -- you can't tell which it is just from the mech's
OID, unlike SCRAM). (A context-specific SSF number is acceptable to
me as a way to support SASL.)