Re: Moving away from plain-text passwords in the server-side passwd file

From: Greg Hudson <ghudson_at_MIT.EDU>
Date: Wed, 21 May 2008 13:20:10 -0400

On Wed, 2008-05-21 at 12:40 -0400, Mark Phippard wrote:
> If the server does not know the plaintext password
> for a user then you cannot use CRAM-MD5 or DIGEST-MD5 auth mechanisms.

With DIGEST-MD5 it's possible for the server to know only an
intermediate hash of the password. Unfortunately, I don't think Cyrus
SASL supports that. (Not sure, though.)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-05-22 17:11:41 CEST

This message: [ Message body ]
Next message: C. Michael Pilato: "Re: Question on JavaHL change"
Previous message: Hyrum K. Wright: "Re: Question on JavaHL change"
In reply to: Mark Phippard: "Re: Moving away from plain-text passwords in the server-side passwd file"
Next in thread: David Glasser: "Re: Moving away from plain-text passwords in the server-side passwd file"
Reply: David Glasser: "Re: Moving away from plain-text passwords in the server-side passwd file"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]