Client authentication via client certificate on ssl/tls
Ken Murchison
ken at oceana.com
Fri Jul 2 07:52:44 EDT 2004
Pascal Gienger wrote:
> Hi,
>
> does anybody on the list already had the idea to use an information of a
> client certificate for authentication in IMAPD?
This is exactly what the EXTERNAL SASL mechanism is designed for and is
available in Cyrus. If the client presents a TLS client cert, Cyrus
will make the EXTERNAL mechanism available, which essentially means "use
the credentials presented outside of SASL". Whether any mainstream
clients have support for EXTERNAL, I don't know.
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list