how to enable digestmd5 and crammd5 ?
Goetz Babin-Ebell
goetz at shomitefo.de
Fri Apr 20 03:26:33 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
JOYDEEP schrieb:
> Goetz Babin-Ebell wrote:
>> The problem is that cram-md5 and digest-md5 need direct access to the
>> pass phrase in plain text.
>> AFAIK LDAP doesn't support this.
>> You have to use TLS if you want to transmit the pass phrase securely...
>
> I am already running SSL aka imaps. but still was interested about
> cram-md5 and digest-md5 for secured authorization.
Why ?
If all passphrases for your IMAP connections are transmitted over TLS,
there is no need for cram-md5 or digest md5.
If the atacker can read the TLS encrypted connection,
you have lost anyway...
cram-md5 and digest-md5 require the pass phrase stored unencrypted.
This opens another can of worms...
(And AFAIK LDAP doesnt support them...)
Bye
Goetz
- --
DMCA: The greed of the few outweights the freedom of the many
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGKGr62iGqZUF3qPYRAnX+AJ9KcdKf67B4I/7/B5cvyRZAA7iZqACeKWh/
5O1TTXvldtdpi4tsjmFBQGo=
=zEeK
-----END PGP SIGNATURE-----
More information about the Info-cyrus
mailing list