[jdev] MD5 auth problem
Peter Saint-Andre
stpeter at stpeter.im
Fri May 30 12:20:17 CDT 2008
On 05/25/2006 6:34 AM (!), Dave Cridland wrote:
> On Thu May 25 12:58:21 2006, Norman Rasmussen wrote:
>> mmm, all true.
>
> Trouble is with security, it's hard to know which parts are paranoia,
> and which are sound precautions.
>
>> Either way Ulrich's users are going to have to provide
>> their password in 'plain' format at least once to start using jabber.
>> (either via a script on the web-site or via sasl or iq plain)
>
> Yes.
>
> I can't actually find anything in RFC3920 about transitioning, though.
> As far as I know, only ACAP and POP3 have the signalling required. It's
> possible that the thinking has changed on whether transitioning is
> "good" or not, though, I shall find out.
>
> Transitioning might be something to raise during RFC3920bis development,
> perhaps.
Dave, did you ever look into this further?
Peter
--
Peter Saint-Andre
https://stpeter.im/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://www.jabber.org/jdev/attachments/20080530/c516dd81/attachment-0002.bin>
More information about the JDev
mailing list