On Wednesday, Feb 19, 2003, at 15:05 US/Pacific, Brian Candler wrote:

> I am not quite sure what you're getting at. You cannot design a
> password-based authentication system where there is neither a 'cleartext'
> shared secret at the server, nor a 'cleartext' password sent over the wire.
> By all means feel free to try :-) It's circle-squaring.
>
> If you want not to send the password over the wire, and not to store
> material on the server which could be used to authenticate if stolen, then
> you need to forget passwords and move to asymmetric (public-key)
> authentication methods.
Bzzt. Wrong. Thanks for playing.

Use Kerberos, with Kerberized POP, SASL Kerberos v4, or SASL Kerberos v5.

It does _EXACTLY_ what your first paragraph says you cannot design, and does so without public-key authentication.

1) the keys are encrypted in the KDC, not plain text

2) the mechanism is 'shared secret' based

3) passwords are never sent in the clear over the wire (passwords are never over the wire at all, IIRC -- though, the initial kadmin session where the key is created might send an encrypted password to the KDC, but that would be the only time it happens)

There are even multiple Kerberos-supporting email clients out there, as well as the option to use SSL+(POP or IMAP) with plain text passwords and then use PAM for verifying the username and password.
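As an added illustration of the three points above (not code from this thread, from Courier, or from any Kerberos implementation), here is a toy Python model of the Kerberos AS exchange, including the PA-ENC-TIMESTAMP style pre-authentication that Kerberos 5 uses. The server stores the user's key sealed under a KDC master key, the client proves the shared secret by encrypting a timestamp under the key it derives from the password, and the password string itself never appears in a message. The names (KDC, client_login, seal, unseal, string_to_key) are my own; the cipher is an HMAC-SHA256 stand-in for the real AES enctypes, and the PBKDF2 salt of realm+principal only follows the spirit of RFC 3962.

```python
"""Toy Kerberos-style AS exchange, stdlib only. Hypothetical example code:
the cipher below is a stand-in for RFC 4120 enctypes, not a real one."""
import hashlib
import hmac
import os
import struct
import time

NONCE_LEN = 16
TAG_LEN = 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC in counter mode as a toy keystream generator.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _subkeys(key: bytes) -> tuple[bytes, bytes]:
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; output is nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first; a wrong key or tampered blob raises ValueError."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(hmac.new(mac_key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("integrity check failed (wrong key or tampered message)")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def string_to_key(password: str, realm: str, principal: str) -> bytes:
    """Derive the long-term key from the password; salt = realm + principal."""
    salt = (realm + principal).encode()
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=32)


class KDC:
    """Authentication server. User keys are stored sealed under a master key."""

    def __init__(self, realm: str) -> None:
        self.realm = realm
        self.master_key = os.urandom(32)   # protects keys at rest in the database
        self.tgs_key = os.urandom(32)      # key the ticket-granting service holds
        self.db: dict[str, bytes] = {}

    def enroll(self, principal: str, password: str) -> None:
        # Done once (the kadmin step); the password itself is never kept.
        user_key = string_to_key(password, self.realm, principal)
        self.db[principal] = seal(self.master_key, user_key)

    def as_exchange(self, principal: str, preauth: bytes) -> tuple[bytes, bytes]:
        user_key = unseal(self.master_key, self.db[principal])
        ts = struct.unpack(">Q", unseal(user_key, preauth))[0]   # fails on wrong password
        if abs(time.time() - ts) > 300:
            raise ValueError("clock skew too great")
        session_key = os.urandom(32)
        tgt = seal(self.tgs_key, principal.encode() + b"\0" + session_key)
        return tgt, seal(user_key, session_key)                   # AS-REP


def client_login(kdc: KDC, principal: str, password: str, wire: list) -> tuple[bytes, bytes]:
    """Client side: only the principal name and encrypted blobs cross the wire."""
    user_key = string_to_key(password, kdc.realm, principal)
    preauth = seal(user_key, struct.pack(">Q", int(time.time())))
    wire.append(principal.encode() + preauth)                      # AS-REQ
    tgt, enc_part = kdc.as_exchange(principal, preauth)
    wire.append(tgt + enc_part)
    return tgt, unseal(user_key, enc_part)                         # recover session key


def demo() -> dict:
    # Constructed sample principal and password for the demonstration.
    kdc = KDC("EXAMPLE.COM")
    pw = "correct horse battery staple"
    kdc.enroll("alice", pw)
    wire: list = []
    tgt, session_key = client_login(kdc, "alice", pw, wire)
    try:
        client_login(kdc, "alice", "not the password", [])
        wrong_rejected = False
    except ValueError:
        wrong_rejected = True
    return {
        "password_on_wire": any(pw.encode() in m for m in wire),
        "wrong_password_rejected": wrong_rejected,
        "tgs_sees_same_session_key": unseal(kdc.tgs_key, tgt).endswith(session_key),
        "db_holds_plaintext_key": string_to_key(pw, kdc.realm, "alice") in kdc.db["alice"],
    }
```

Running demo() shows the password bytes absent from both messages, a wrong password rejected by the KDC before any ticket is issued, and the user key present in the database only in sealed form; what a thief of the database gains is limited by the master key, which is the property the quoted paragraph claimed was impossible.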



_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users