[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: kpasswd

Allan Streib wrote:

The client MUA I'm using to send this mail has to smtp authenticate to the MTA. The MTA allows only digest-md5 or cram-md5 authentication. Although this is is nothing to do with Kerberos, how can you say that the client is not required to have support for SASL?

I believe the difference is you are talking about a SASL bind, and what we're discussing is a way to do a *simple* bind that is using a SASL mechanism on the back-end to do the authentication rather than having a password or password hash directly stored in the userPassword attribute.

Ah. Thanks.


Tony Earnshaw

Once the camel's head has entered your tent,
it's very difficult to stop the rest of the
animal from following it

Mail: tonye-at-billy.demon.nl