Re: [sasl_oauth] Re: emty challenge
- View SourceThere doesn't have to be a difference, but there is a final message on the wire to communicate the success or failure. We did it this way to make the sate machine that much simpler as opposed to writing optional messages into the spec.
From: yutaka.obuchi <yutaka.obuchi@...>
Sent: Friday, August 26, 2011 3:41 PM
Subject: [sasl_oauth] Re: emty challengeHi,
Thank you for your comment.
I may be missing something.
But as I mentioned, in the SASL IMAP spec(http://tools.ietf.org/html/rfc4959) at Chapter4 Example of SASL-IR, there is no empty payload.
And I do not understand why there has to be any difference about empty payload between SASL Plain and SASL OAuth
--- In email@example.com, "William J. Mills" <wmills@...> wrote:
> Actually it's sending back and empty response payload along with the success message in 5.1.Â Is it a problem?Â From the client perspective we figured it was trivial to note the empty payload.
> From: yutaka.obuchi <yutaka.obuchi@...>
> To: firstname.lastname@example.org
> Sent: Thursday, August 25, 2011 10:54 PM
> Subject: [sasl_oauth] emty challenge
> Hi all,
> I am working on SASL OAuth Patch for Nginx mail module. https://github.com/bucchi/OAuthSASLPatchForNginx.
> And I have just got a question about Example in the latest spec.
> In 5.1, there is SASL-IR Example for OAuth IMAP and in the flow
> the server send back empty challenge "+ " to the client.
> Why do we need this?
> In the SASL IMAP spec(http://tools.ietf.org/html/rfc4959),
> it seems that you do not need one.
> If there is any reason for that, please let me know.
> Thank you,
> Yutaka Obuchi