Hello everybody,
We were dealing recently with this bug in our environment and since
there is no official statement from authors, I'm CC'ing also author of
this commit [1], who is also author of RFC [2], if I got this right. I
was reading through the RFC and this commit does it exactly according to
specification, but it looks like it is not backward compatible with some
other implementations, namely M$ ActiveDirectory or even
cyrus-sasl-2.1.23. Interoperability is important for us and we can't
leave this change here only because of "it's in RFC". If I see
correctly, most of distributions reverted this commit in their releases
and they are still doing fine. We will probably join them, if there will
not be any other solution to maintain backward compatibility.
I didn't find any official statement about this bugzilla [3], nor about
backward compatibility so I would like to ask for some, if you would be
so kind. Here or better to bugzilla. It is not good presentation, having
bugzilla with such wide impact without any official statement.
[1]
https://cgit.cyrus.foundation/cyrus-sasl/commit/?id=080e51c7fa0421eb2f0210d34cf0ac48a228b1e9
[2] https://www.ietf.org/rfc/rfc4752.txt
[3] https://bugzilla.cyrusimap.org/show_bug.cgi?id=3480
--
Jakub Jelen
Associate Software Engineer
Security Technologies
Red Hat
