Chatme.im use scram-md5 for store password Inviato da iPhone
> Il giorno 20/apr/2014, alle ore 19:19, Mathias Ertl <[email protected]> ha > scritto: > >> On 04/20/2014 06:46 PM, Simon Tennant wrote: >> Is this a question about Ejabberd or generally? > > A question about client support for SCRAM. > >> Generally nobody should be using Digest authentication and thus >> necessitating plaintext storage of passwords. Ever. > > The majority of the XMPP network does this. It is the default in both > ejabberd and prosody (see link quoted in the original mail[1], at the > very bottom). > >> You might want to run your server through XMPP.net to see which mechanisms >> it's offering. For example: >> https://xmpp.net/result.php?domain=jabber.de&type=client > > Yes, I know that site, thank you. I tried a few domains from the history > in the observatory, jabber.ccc.de, jabber.org, jabber.ru, jabber.co.nz, > xmpp.jp, xmpp.ru and jabber.at all offer DIGEST-MD5, wich indicates they > store passwords in plaintext. Only jabber.de and jabber.ua don't. > > greetings, Mati > > [1] http://prosody.im/doc/plain_or_hashed > > -- > twitter: @mathiasertl | xing: Mathias Ertl | email: [email protected] > I only read plain-text mail! I prefer signed/encrypted mail! >
