[ http://jira.jboss.com/jira/browse/JBREM-941?page=all ] David Lloyd updated JBREM-941: ------------------------------ Complexity: Medium There might be a problem where if one side of the connection calculates a different max keysize than the other (due to export policy restrictions for example), then the two sides might negotiate different keys - better read over the spec again to be sure. http://tools.ietf.org/html/draft-burdis-cat-srp-sasl-08 If this is true, we might have to do a separate max keysize negotiation before we start the SRP stuff. Yuck. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ http://jira.jboss.com/jira/browse/JBREM-941?page=all ] David Lloyd closed JBREM-941. ----------------------------- Resolution: Won't Fix SRP SASL is fatally flawed. The abandoned draft spec has logical errors in it that I don't see as fixable without basically inventing our own spec. Switching to SSH seems like the best option at this point. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira