On 11/17/09 2:43 PM, Tobias Markmann wrote:
> On Tue, Nov 17, 2009 at 8:41 PM, Peter Saint-Andre <stpeter at stpeter.im> wrote:
>
> > That was the intent for mechanism-too-weak. For example, if you want to
> > authenticate as an administrative user then you might not be allowed to
> > use a weaker mechanism (even if the server offered it to you because it
> > didn't know who you were at that point).
>
> I completely understand the use case. It just seems kind of stupid to
> select a mechanism which isn't advertised. Sure you can't do otherwise
> the way SASL has been designed since you don't know the username before
> advertising the supported mechanisms.

No, you choose a mechanism (say, PLAIN) but the server doesn't allow you
to authenticate as a higher class of user with that mechanism.

Peter

--
Peter Saint-Andre
https://stpeter.im/
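The server-side check discussed in this message, as an added example that is not part of the original e-mail or of any XMPP server's code: the mechanism list is advertised before the user is known, and the per-class minimum is enforced once the PLAIN message names the user. The strength ranking, the user classes, the account names and all function names are assumptions made for illustration.

```python
import base64
import binascii

SASL_NS = "urn:ietf:params:xml:ns:xmpp-sasl"
# Hypothetical policy: every mechanism is advertised to everyone (the server
# does not know the user yet), ranked by strength; each class has a minimum.
OFFERED = {"PLAIN": 1, "DIGEST-MD5": 2, "SCRAM-SHA-1": 3}
MIN_STRENGTH = {"user": 1, "admin": 3}
USER_CLASS = {"alice": "user", "root": "admin"}  # constructed accounts


def failure(condition):
    return f"<failure xmlns='{SASL_NS}'><{condition}/></failure>"


def encode_plain(authcid, passwd, authzid=""):
    """Build a PLAIN message: authzid NUL authcid NUL passwd, base64-encoded."""
    raw = "\x00".join([authzid, authcid, passwd]).encode("utf-8")
    return base64.b64encode(raw).decode("ascii")


def plain_authcid(b64_message):
    parts = base64.b64decode(b64_message, validate=True).split(b"\x00")
    if len(parts) != 3 or not parts[1]:
        raise ValueError("malformed PLAIN message")
    return parts[1].decode("utf-8")


def check_auth_request(mechanism, b64_message):
    """Return None if authentication may proceed, else the failure to send."""
    if mechanism not in OFFERED:
        return failure("invalid-mechanism")
    if mechanism != "PLAIN":
        return None  # identity arrives later in these exchanges; not modelled
    try:
        user = plain_authcid(b64_message)
    except binascii.Error:
        return failure("incorrect-encoding")
    except ValueError:
        return failure("malformed-request")
    # Unknown names get the default class so this check does not reveal
    # whether an account exists; credential checking then rejects them.
    user_class = USER_CLASS.get(user, "user")
    if OFFERED[mechanism] < MIN_STRENGTH[user_class]:
        return failure("mechanism-too-weak")
    return None
```

With PLAIN the password is already inside the message the server rejects, so a client that receives mechanism-too-weak has sent the credential anyway; the rejection limits what the weaker mechanism can authenticate, not what it exposes.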
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.