[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: kpasswd

On Thursday, October 16, 2003, at 03:47 PM, Tony Earnshaw wrote:

Kurt D. Zeilenga wrote:

Like {KERBEROS}, {SASL} does not require clients to have support
for SASL nor Kerberos.

The client MUA I'm using to send this mail has to smtp authenticate to the MTA. The MTA allows only digest-md5 or cram-md5 authentication. Although this is is nothing to do with Kerberos, how can you say that the client is not required to have support for SASL?

I believe the difference is you are talking about a SASL bind, and what we're discussing is a way to do a *simple* bind that is using a SASL mechanism on the back-end to do the authentication rather than having a password or password hash directly stored in the userPassword attribute.