[JDEV] Connecting to the server.

Michael Emswiler memswiler at hotmail.com
Thu Oct 19 06:59:46 CDT 2000


I always use digest from my client to the server when connecting, but I thought I noticed that passwords were still in clear text when receiving presence messages from transports (MSN, ICQ, etc.)

Maybe this is specific to JabberCOM -- Peter?



----- Original Message -----
From: David Waite
Sent: Thursday, October 19, 2000 4:53 AM
To: jdev at jabber.org
Subject: Re: [JDEV] Connecting to the server.


userIDs it must transmit in the clear (unless you can think of something
'really' clever). Passwords can be transmitted in a digest (hashed)
format, assuming the client and server support this.

SSL is overkill for anything that is to scale, but SASL was at least
considered a while back.

-David Waite

Ted Rolle wrote:

> Why does Jabber transmit userids and passwords in the clear?
>
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev


_______________________________________________
jdev mailing list
jdev at jabber.org
http://mailman.jabber.org/listinfo/jdev___________________________________________________________
Get more from your time online.  FREE MSN Explorer download : http://explorer.msn.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20001019/a3f5facd/attachment-0002.htm>


More information about the JDev mailing list