Re: CRAM-SHA1 sucks. was: [courier-users] ESMTP Auth and LDAP problems - John Rudd - net.sourceforge.lists.courier-users

38 messages in net.sourceforge.lists.courier-usersRe: CRAM-SHA1 sucks. was: [courier-u...

From	Sent On	Attachments
Bill Long	Feb 18, 2003 10:36 pm
Gordon Messmer	Feb 18, 2003 11:32 pm
Bill Long	Feb 19, 2003 12:00 am
Matt Pavlovich	Feb 19, 2003 8:29 am
Brian Candler	Feb 19, 2003 12:40 pm
Matt Pavlovich	Feb 19, 2003 12:58 pm
Brian Candler	Feb 19, 2003 1:41 pm
Matt Pavlovich	Feb 19, 2003 2:22 pm
Sam Varshavchik	Feb 19, 2003 3:03 pm
Sam Varshavchik	Feb 19, 2003 3:05 pm
Brian Candler	Feb 19, 2003 3:06 pm
Brian Candler	Feb 19, 2003 3:27 pm
Gordon Messmer	Feb 19, 2003 4:09 pm
Kurt Bigler	Feb 19, 2003 4:18 pm
Gordon Messmer	Feb 19, 2003 4:37 pm
Jeff Potter	Feb 19, 2003 5:35 pm
Jason Haar	Feb 19, 2003 6:16 pm
John Rudd	Feb 19, 2003 9:54 pm
Gordon Messmer	Feb 19, 2003 11:18 pm
John Rudd	Feb 20, 2003 12:15 am
John Rudd	Feb 20, 2003 1:06 am
Brian Candler	Feb 20, 2003 2:27 am
Brian Candler	Feb 20, 2003 2:37 am
Brian Candler	Feb 20, 2003 5:01 am
Brian Candler	Feb 20, 2003 5:13 am
John Rudd	Feb 20, 2003 5:56 am
John Rudd	Feb 20, 2003 6:13 am
John Rudd	Feb 20, 2003 6:17 am
Brian Candler	Feb 20, 2003 7:23 am
Gordon Messmer	Feb 20, 2003 7:51 am
Matt Pavlovich	Feb 20, 2003 8:53 am
Gordon Messmer	Feb 20, 2003 9:09 am
Eduardo Roldan	Feb 20, 2003 10:28 am
Jason Haar	Feb 20, 2003 11:21 am
Patrik Nilsson	Feb 20, 2003 2:10 pm
Brian Candler	Feb 20, 2003 2:14 pm
Sam Varshavchik	Feb 20, 2003 3:06 pm
Sam Varshavchik	Feb 20, 2003 3:08 pm

	Permalink for this message Paste this link in email or IM:
	Permalink for this thread Paste this link in email or IM:
	Atom feed for this thread Paste this URL into your reader:

Subject:	Re: CRAM-SHA1 sucks. was: [courier-users] ESMTP Auth and LDAP problems	Actions...
From:	John Rudd (jru...@ucsc.edu)
Date:	Feb 20, 2003 6:17:45 am
List:	net.sourceforge.lists.courier-users

The same method works equally well for a SASL database of plaintext passwords. i.e. you can encrypt the whole lot with a symmetric cipher. When you need to authenticate someone, you decrypt the relevant password and run in through the CRAM algorithm.

Yes, but, wasn't the original complaint that "this isn't being done", not that "it cannot be done"? I didn't offer kerberos as "the only solution", I offered it as a counter-example to the statement that the password has to be in the clear somewhere.

And, just to be clear, I'm also not offering kerberos as a "perfect solution". Just as a counter-example to the claim.

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets
	Permalink to these results Paste this link in email or IM:
	Atom feed for tracking future search results Paste this URL into your reader: