> > The same method works equally well for a SASL database of plaintext > > passwords. i.e. you can encrypt the whole lot with a symmetric cipher. When > > you need to authenticate someone, you decrypt the relevant password and run > > in through the CRAM algorithm. > > Yes, but, wasn't the original complaint that "this isn't being done", not > that "it cannot be done"? I didn't offer kerberos as "the only solution", > I offered it as a counter-example to the statement that the password has > to be in the clear somewhere.
And, just to be clear, I'm also not offering kerberos as a "perfect solution". Just as a counter-example to the claim. ------------------------------------------------------- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
