diff --git a/inbox/sasl2.xml b/xep-0388.xml similarity index 96% rename from inbox/sasl2.xml rename to xep-0388.xml index 555dd37b..82fd2e84 100644 --- a/inbox/sasl2.xml +++ b/xep-0388.xml @@ -9,8 +9,8 @@
Clients, upon observing this stream feature, initiate the authentication by the use of the <authenticate/> top-level element, within the same namespace. The nature of this element is to inform the server about properties of the final stream state, as well as initiate authentication itself. To achieve the latter, it has a single mandatory attribute of "mechanism", with a string value of a mechanism name offered by the Server in the stream feature, and an optional child element of <initial-response/>, containing a base64-encoded SASL Initial Response.
On subsequent connections, if a Client has previously cache the stream feature, the Client MAY choose to send it before seeing the stream features - sending it "pipelined" with the Stream Open tag for example.
In order to provide support for other desired stream states beyond authentication, additional child elements are used. For example, a hypothetical XEP-0198 session resumption element might be included, and/or Resource Binding requests.
Other extension elements MAY also be contained by the <success/> element.
Any security layer negotiated SHALL take effect after the ">" octet of the closing tag (ie, immediately after "</success>").
A <continue/> element is used to indicate that while the SASL exchange was successful, it is insufficient to allow authentication at this time.
@@ -147,13 +157,13 @@Clients respond with a <next-authenticate/> element, which has a single mandatory attribute of "mechanism", containing the selected mechanism name, and contains an OPTIONAL base64 encoded initial response.
TODO before advancing to Draft.
-