Where would you store the plain text passwords? Andy
On Fri, 16 Aug 2002, Murat Bicer wrote: >You can use stunnel and keep using plain test passwords. >In which case you need to have an ssl certificate. Either you have to >buy it or you take the risk of having a man in the middle attack. > >You can use also TLS which will require a certificate as well. > > >Andreas Aardal Hanssen wrote: > >>Does anyone on this list have a safe way of providing kerberos >>authentication? >> >>I've thought of a couple of things: >> >>- storing passwords plain >> >>Obviously not a solution one would strive for, but there may be safe ways >>to do this - retreiving password through an encrypted channel, forced >>commands, etc etc >> >>- symmetric encryption, using private key owned by imap server / >> user >> >>Well, the obvious problem here is that the key can get compromized. >> >>Andy >> >> >> > > > -- Andreas Aardal Hanssen
