[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (AMQP-105) AMQPCBS: Indicating that multiple challenge-responses are required to transmit token set
Brian Raymor created AMQP-105: --------------------------------- Summary: AMQPCBS: Indicating that multiple challenge-responses are required to transmit token set Key: AMQP-105 URL: https://issues.oasis-open.org/browse/AMQP-105 Project: OASIS Advanced Message Queuing Protocol (AMQP) TC Issue Type: Improvement Components: Claims Based Security Affects Versions: cbs-WD03 Reporter: Brian Raymor Assignee: Brian Raymor Fix For: cbs-WD04 If the token set exceeds the frame size for sasl-init, then additional sasl-challenge and sasl-response pairs are required to send the remaining tokens. Multiple approaches are possible. WD3 uses a simple strawman to encourage discussion. When the server has received all the tokens based on the token count, it stops sending sasl-challenge and sends a sasl-outcome. Other options include: • The equivalent of the transfer more field is added to the response data: RESPONSE = TOKEN-COUNT 1*TOKEN MORE to indicate whether additional sasl-challenge and sasl-response frames are required to complete the exchange. • A "magic" value like NUL NUL could follow the last token and signal completion. • The server always sends an "empty" sasl-challenge and the client responds with an "empty" sasl-response when the exchange is complete. This is especially inefficient if all the tokens are sent in the sasl-init. -- This message was sent by Atlassian JIRA (v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]