Client authentication via client certificate on ssl/tls

Ken Murchison ken at
Fri Jul 2 07:52:44 EDT 2004

Pascal Gienger wrote:

> Hi,
> does anybody on the list already had the idea to use an information of a 
> client certificate for authentication in IMAPD?

This is exactly what the EXTERNAL SASL mechanism is designed for and is 
available in Cyrus.  If the client presents a TLS client cert, Cyrus 
will make the EXTERNAL mechanism available, which essentially means "use 
the credentials presented outside of SASL".  Whether any mainstream 
clients have support for EXTERNAL, I don't know.

Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--
Cyrus Home Page:
Cyrus Wiki/FAQ:
List Archives/Info:

More information about the Info-cyrus mailing list