On 10 Aug 2021, at 11:21, Alessandro Vesely via mailop wrote:
SASL methods allow secure authentication over unencrypted channels.
(Well, I use CRAM-MD5 even over TLS. When heartbleed came around I
thought it wasn't that silly after all.)
FSVO secure, IIRC. Having to keep the unencrypted password at hand on
the server side opens the door to other types of attack.
Best regards
-lem
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
