> In other words, how do I know which mechanisms will be > > disallowed with "noactive" or "nodictionary" or allowed by > "forward_secrecy" > > or "mutual_auth"? I'm unable to connect the dots. > > You can find out about SASL active etc. attacks in RFC 4422 > https://tools.ietf.org/html/rfc4422 > > Wietse
Thanks. Yes, that describes the attack categories. But it doesn't answer the above question. Is the categorization documented somewhere? If not, how are we to know? Michael
