Information about SASL and LDAP

Christian Roessner c at roessner-network-solutions.com
Thu Dec 1 13:45:27 EST 2011


Hi,

> cmusaslsecretCRAM-MD5
> cmusaslsecretDIGEST-MD5 and
> cmusaslsecretNTLM

first of all thank you very much for all the answers. I decided to drop
ldapdb in favor of saslauthd and use SSHA passwords in the database
right now. I (or saying better: for our use case), we can force the
client user to use SSL/TLS for securing the password (the whole mail).

So this seems to be the compromise of having maximum security on
client-to-server and server-to-server communication. It's currently done
on the test setup. Are there any security aspects that would speak
against such a dicision?

Thanks very much
Christian
-- 
Roessner-Network-Solutions
Bachelor of Science Informatik
50°34.725'N, 08°40.904'O, Nahrungsberg 81, 35390 Giessen
F: +49 641 33055572, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network-solutions.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
Url : http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20111201/f68ed550/attachment.bin 


More information about the Cyrus-sasl mailing list