At 04:54 PM 2002-06-16, Luke Howard wrote: >>This is basically the same as passing through the SASL >>bind request/responses EXCEPT the authenticating server >>knows it [is] doing [it] for the middle box and hence can prepare >>a response which can be relayed to the end client. > >In what cases would this be necessary? Any mechanism with man-in-the-middle protection... e.g. DIGEST-MD5. Kurt