David, I'd be happy to get you going on OpenSSL for Windows off the list. It's actually quite easy and Windows is not a "step-child" but fully supported.
Peter -----Original Message----- From: "David Harris" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Date: Wednesday, June 05, 2002 19:58 Subject: Re: (yet another) draft 17, incorporating Chris Newman's comments >On 4 Jun 2002 at 17:13, Mark Crispin wrote: > >> Network Working Group M. Crispin >> INTERNET-DRAFT: IMAP4rev1 University of Washington >> Obsoletes: 2060 June 2002 >> >> Client and server implementations MUST implement the STARTTLS >> extension and PLAIN SASL mechanism described in [IMAP-TLS]. See >> the Security Considerations section for important information >> about STARTTLS. > >I'm sorry if I'm raising something that's been done over already, but I've >only recently returned to this list (I somehow got dropped off at the end >of last year and only really noticed that fact quite recently). > >This section, and a reading of IMAP-TLS, appears to be saying that an >IMAP implementation can only be considered compliant if it implements >SSL (sorry for the old terminology - I'm using it to be specific). > >Surely that can't be right?? > >SSL may be a feasible technology under unix, but for people working in >other environments, such as Windows, it's much less obvious how it >can be reasonably done. Windows itself has negligible support for it - >you have to use undocumented API calls that only exist in some >versions, which makes that a non-starter... OpenSSL is like most open >source projects, aggressively anti-Windows, and I *still* haven't found a >working implementation for Windows (I mean this mostly in the sense >that documentation is non-existent, so even if you can find a binary or >get the code to compile, it's not clear to me how to use it) after two >years of looking. Of course, there's BSafe from RSADSI, but I don't >have the US$100,000 license fee they want. > >Are we really mandating a technology where implementations are far >from commonplace, and are generally arcane to the point of near- >unusability? > >If we are, are there any Windows developers on this list who have found >a solution I haven't discovered for handling SSL in a robust, reliable and >trouble-free manner? Care to point me at it? > >Cheers! > >-- David -- > >------------------ David Harris -+- Pegasus Mail ---------------------- > Box 5451, Dunedin, New Zealand | e-mail: [EMAIL PROTECTED] > Phone: +64 3 453-6880 | Fax: +64 3 453-6612 > >Sign seen in a Paris hotel elevator: > "Please leave your values at the front desk." > > > > >