Re: IMAPS problems...

From: Carlos Morgado <chbm chbm nu>
To: Balsa List <balsa-list gnome org>
Subject: Re: IMAPS problems...
Date: Wed, 22 Aug 2001 15:35:26 +0100

On 2001.08.22 15:10:26 +0100 Brian Stafford wrote:

> > yeah, but advertising LOGINDISABLED inside a SSL connection sounds prety 
> > daft no ?
> 
> RFC 2595
> 
> 3.2. IMAP LOGINDISABLED capability
> 
yeah i know this

> 
>    An IMAP server which implements STARTTLS MUST implement support for
>    the LOGINDISABLED capability on unencrypted connections.
> 
sounds reasonable

> 
>    This capability is useful to prevent clients compliant with this
>    specification from sending an unencrypted password in an environment
>    subject to passive attacks.  It has no impact on an environment

how does one send an unencrypted password over a ssl connection ?

-- 
Carlos Morgado - chbm(at)chbm(dot)nu - http://chbm.nu/ -- gpgkey: 0x1FC57F0A
http://wwwkeys.pgp.net/ FP:0A27 35D3 C448 3641 0573 6876 2A37 4BB2 1FC5 7F0A
Software is like sex; it's better when it's free. - Linus Torvalds

Follow-Ups:
- Re: IMAPS problems...
  - From: Brian Stafford

References:
- IMAPS problems...
  - From: Toralf Lund
- Re: IMAPS problems...
  - From: Carlos Morgado
- Re: IMAPS problems...
  - From: Toralf Lund
- Re: IMAPS problems...
  - From: Carlos Morgado
- Re: IMAPS problems...
  - From: Brian Stafford
- Re: IMAPS problems...
  - From: Carlos Morgado
- Re: IMAPS problems...
  - From: Brian Stafford

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]