Hi all,
I'm putting the finishing touches on authldap but need some feedback here. Am I correct in assuming that
currently POP3 APOP only works if the password is stored cleartext in the database?
I don't see how we can support APOP with ldap. There's no shared secret, unless I store it cleartext in a
separate field.... and I *don't* want to start such bad habits.
Is apop worth the effort at all? I don't use pop3 at all myself, but apop just doesn't seem like much of a
security mechanism. I'd much rather invest my time in native start-tls capability.
--
________________________________________________________________
Paul Stevens mailto:[EMAIL PROTECTED]
NET FACILITIES GROUP PGP: finger [EMAIL PROTECTED]
The Netherlands________________________________http://www.nfg.nl
