John C Klensin wrote:
(3) The comments about line lengths of the Base64 strings, and
perhaps a few other things, smack of the possibility of having
to do an out-of-band negotiation or agreement about sizes
between client and server. If that is not the case, the text
could use a little cleaning up, perhaps in the form of a
reference to whether the necessary lengths can be found for each
possible method.
John,
This is tricky. SASL framework itself doesn't provide a way to find out
how big data sent during authentication exchange can be.
Any existing SASL mechanism I've seen doesn't send more than 300-400
bytes in any step of an authentication exchange.
In practice, I hope people use separate resizable buffers for handling
authentication exchanges.
If it is... well, that is trouble.