SASL

Written by hannes
Published: 2016-08-24 (last updated: 2016-10-20)

SASL is used widely for authentication of users - we need it for MirageOS. Various mechanisms are available - ranging from md5 digests, over plain, towards cram/scram and external. Both the client side as well as the server side needs to be done - some preliminary client code can be adapted from the XMPP library. For the server side it is crucial to not save passwords in clear text or hashed without salt. TLS client certificate integration (SASL external mechanism) would be great to have as well!