Hello, This is a note that I posted a Pull Request on Cyrus SASL. There are a few serious problems in the mechanism table, and I hope this makes it a bit more useful for users to decide on what mechanisms to use. -Rick In a few steps, I've revised the table of authentication mechanisms. This table was long overdue for such an update, I think. I added columns for Post Quantum protection (which is not an issue for authentication until Quantum Computers actually arrive, unlike for encryption, but systems change slowly so this is a useful aspect to document). I added a column for the current state according to the IANA registry of SASL mechanism names. I could not find anything on G2, and am wondering if it might be a misspelled GS2 name? I have removed the remark about encryption from MAX SSF, as this is not considered of value in SASL anymore; it is mostly about authentication not encryption. I updated the description to reference brute-force search space instead, and added a value for low password quality and many-rounds effort on low password quality. The term MAX SSF might suggest that the password quality can be 128 bit, however, which is one of many ways in which the whole MAX SSF notion is confusing and perhaps disinformation. I edited the MAX SSF column, and am well aware that it is subjective. Still, it did not reflect reality at all -- Kerberos5 has long deprecated DES, EXTERNAL is usually based on strong crypto, and so on. I tried to make separately rejectable/acceptable commits out of this. Please use that when you (dis)agree with (parts of) this proposal. Any of these updates would improve the table, IMHO.