Hiya, Thanks for the response. Good to know that the crypto here is not an issue:-)
On 03/05/16 12:25, Manav Bhatia wrote: > There > is thus a value in retaining clear text passwords. I don't buy that tbh. There is a significant cost and risk too - passwords are re-used all over the place. Sending any password in clear anytime puts at risk whatever else that password is re-used for. And we know that does happen. (On average passwords used in the web are used in about 8 different places is the last study result that I recall.) I think this spec would be far better off advising to not continue that bad practice. S.
smime.p7s
Description: S/MIME Cryptographic Signature
