Implementations of SASL: Cyrus SASL vs Gnu SASL vs Dovecot SASL?

1.3k views Asked by At

I am trying to understand the main differences between those implementations of SASL. Actually I have to admit that I am very far away from understanding the internal structure so if you have further references besides the respective specifications I would be very glad. I was skipping through the internal documentaries, but as I am not an expert it is difficult for me to understand what is happening.

1

There are 1 answers

0
J. M. Becker On

SASL is how the application decouples authentication mechanisms from application protocols, meaning the application ultimately must link to a SASL implementation. If an application supports multiple SASL implementations, then the distribution ultimately choses which one is utilized.

The choice really is about flexibility/robustness vs performance/simplicity. Or if it's not, that's how it ends up working out in practice.

With that said, I personally would prefer DovecotSASL whenever possible. For reasons of performance, and simplicity. This assumes it provides all the features you require, configuration was intuitive. In fact, they should really consider making DovecotSASL its own project, and promote it like Cyrus does.