[jboss-jira] [JBoss JIRA] (ELY-787) SASL mechanisms are not IANA registered and specifications are not provided
Josef Cacek (JIRA)
issues at jboss.org
Wed Nov 23 09:40:01 EST 2016
Josef Cacek created ELY-787:
-------------------------------
Summary: SASL mechanisms are not IANA registered and specifications are not provided
Key: ELY-787
URL: https://issues.jboss.org/browse/ELY-787
Project: WildFly Elytron
Issue Type: Bug
Reporter: Josef Cacek
Assignee: Darran Lofthouse
Priority: Critical
Elytron comes with set of SASL mechanisms (as requested by EAP7-530), but they don't fit SASL requirements.
New mechanisms has to be registered by IANA as requested by [SASL RFC 4422 section 5|https://tools.ietf.org/html/rfc4422#section-5] and Java [SaslClientFactory|http://docs.oracle.com/javase/8/docs/api/javax/security/sasl/SaslClientFactory.html] and [SaslServerFactory|http://docs.oracle.com/javase/8/docs/api/javax/security/sasl/SaslServerFactory.html] contracts.
Current list of mechanisms provided by Elytron, which are not IANA registered:
* DIGEST-SHA
* DIGEST-SHA-256
* DIGEST-SHA-512
* JBOSS-LOCAL-USER
*Suggestion for improvement:*
Provide specifications for the new mechanisms and register the names by IANA (see [section 7 in RFC-4422|https://tools.ietf.org/html/rfc4422#section-7]).
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list