[Date Prev][Date Next]
Allan Streib wrote:
The client MUA I'm using to send this mail has to smtp authenticate to
the MTA. The MTA allows only digest-md5 or cram-md5 authentication.
Although this is is nothing to do with Kerberos, how can you say that
the client is not required to have support for SASL?
I believe the difference is you are talking about a SASL bind, and what
we're discussing is a way to do a *simple* bind that is using a SASL
mechanism on the back-end to do the authentication rather than having a
password or password hash directly stored in the userPassword attribute.
Once the camel's head has entered your tent,
it's very difficult to stop the rest of the
animal from following it