[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5195) ssf not available during sasl bind

--On Monday, October 29, 2007 5:08 PM +0000 h.b.furuseth@usit.uio.no wrote:

> Also, repeating an old point, remember that the "security" keyword
> produces better error messages ("Confidentiality required") than
> "access ... ssf=..." ("Insufficient access" for updates, "Invalid
> credentials" for Bind).  With the latter, the user likely thinks
> he mistyped the password and sends it again unencrypted.

The problem with the security directive that the user ran into, however, I 
don't see a way to get around.  Which is there is no "OR" support.  I.e., 
you can't say, I want the user to have a TLS of 128 OR SASL SSF of 128.  If 
you specify both, both are required.



Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra ::  the leader in open source messaging and collaboration