[jboss-jira] [JBoss JIRA] (ELY-787) SASL mechanisms are not IANA registered and specifications are not provided
Darran Lofthouse (JIRA)
issues at jboss.org
Tue Jul 31 14:14:00 EDT 2018
[ https://issues.jboss.org/browse/ELY-787?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse resolved ELY-787.
----------------------------------
Resolution: Won't Fix
Our custom mechanisms are not mechanisms we would register, additionally we are not the owners of the RFCs for the other mechanisms, the owners of those RFCs should be registering the mechanisms.
> SASL mechanisms are not IANA registered and specifications are not provided
> ---------------------------------------------------------------------------
>
> Key: ELY-787
> URL: https://issues.jboss.org/browse/ELY-787
> Project: WildFly Elytron
> Issue Type: Task
> Reporter: Josef Cacek
> Priority: Critical
> Labels: sasl
> Fix For: 1.5.2.CR1
>
>
> Elytron comes with set of SASL mechanisms (as requested by EAP7-530), but they don't fit SASL requirements.
> New mechanisms has to be registered by IANA as requested by [SASL RFC 4422 section 5|https://tools.ietf.org/html/rfc4422#section-5] and Java [SaslClientFactory|http://docs.oracle.com/javase/8/docs/api/javax/security/sasl/SaslClientFactory.html] and [SaslServerFactory|http://docs.oracle.com/javase/8/docs/api/javax/security/sasl/SaslServerFactory.html] contracts.
> Current list of mechanisms provided by Elytron, which are not IANA registered:
> * DIGEST-SHA
> * DIGEST-SHA-256
> * DIGEST-SHA-512
> * JBOSS-LOCAL-USER
> *Suggestion for improvement:*
> Provide specifications for the new mechanisms and register the names by IANA (see [section 7 in RFC-4422|https://tools.ietf.org/html/rfc4422#section-7]).
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list