Tony Finch wrote:
On Mon, 4 Dec 2006, Dave Crocker wrote:
I cannot figure out how to parse the concept of something that is
simultaneously "external" and "within", so I'm entirely missing what
application you are referencing here.
The SASL EXTERNAL method means that the client has been authenticated by
some means external to SASL (e.g. TLS, or in my case IP addresses and
knowledge of the network topology) and that the client wants the server to
make its access control decision using this information with the
authorization identity that the client provides via SASL.
That is, EXTERNAL refers just to SASL, and not to the system as a whole.
I did, indeed, miss that 'external' was in all caps.
I'll blame my denseness on that... Any excuse that works.