[jdev] MD5 auth problem
stpeter at stpeter.im
Fri May 30 12:20:17 CDT 2008
On 05/25/2006 6:34 AM (!), Dave Cridland wrote:
> On Thu May 25 12:58:21 2006, Norman Rasmussen wrote:
>> mmm, all true.
> Trouble is with security, it's hard to know which parts are paranoia,
> and which are sound precautions.
>> Either way Ulrich's users are going to have to provide
>> their password in 'plain' format at least once to start using jabber.
>> (either via a script on the web-site or via sasl or iq plain)
> I can't actually find anything in RFC3920 about transitioning, though.
> As far as I know, only ACAP and POP3 have the signalling required. It's
> possible that the thinking has changed on whether transitioning is
> "good" or not, though, I shall find out.
> Transitioning might be something to raise during RFC3920bis development,
Dave, did you ever look into this further?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
More information about the JDev