Claus Assmann wrote:
On Thu, Dec 07, 2006, Alexey Melnikov wrote:
Any existing SASL mechanism I've seen doesn't send more than 300-400
bytes in any step of an authentication exchange.
Larger lengths have been reported:
! Active Directory as kdc includes the PAC field and the tickets
! can get quite large.
and caused this change for sm 8.14:
Increase the length of an input line to 12288 to deal with
really long lines during SMTP AUTH negotiations.
This is using SASL GSSAPI?
The "unlimited" length is a pretty bad idea (potential for DoS).
It is, but I would rather avoid specifying any limit in the document,
because it is likely to be exceeded in the future.
But I guess the document can specify an absolute minimum and allow
implementations to support bigger line lengths.