[Standards] [Fwd: I-D Action:draft-melnikov-digest-to-historic-00.txt]
stpeter at stpeter.im
Tue Sep 11 15:28:48 UTC 2007
Dave Cridland wrote:
> On Tue Sep 11 11:55:35 2007, Jonathan Chayce Dickinson wrote:
>> Interesting because most clients used Digest-MD5, so what do we use now?
>> Cram-MD5? Or is there some other newfangled method out there?
> DIGEST-MD5 is still more secure than CRAM-MD5, and this won't change
> because of that draft. :-)
Back in August I emailed about this issue  with the IETF area
directors for applications and security, relevant WG chairs, and
interested others. The conclusion was that in rfc3920bis we would make
the following changes to the mandatory-to-implement technologies:
1. Remove DIGEST-MD5
2. Add TLS + SASL PLAIN
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
More information about the Standards