- Previous message: Rob Siemborski: "Re: RES: Kerberos x pam"
- Next in thread: Rob Siemborski: "Re: RES: Kerberos x pam"
- Reply: Rob Siemborski: "Re: RES: Kerberos x pam"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Estevam Henrique Carvalho (estevamh at bmf dot com dot br)
Date: Wed Mar 17 2004 - 09:50:25 EST
The concern about plain text comes to me after reading
http://asg.web.cmu.edu/cyrus/download/imapd/install-auth.html
-----Mensagem original-----
De: Rob Siemborski [mailto:rjs3 at andrew dot cmu dot edu]
Enviada em: quarta-feira, 17 de março de 2004 11:40
Para: Estevam Henrique Carvalho
Cc: 'cyrus-sasl at lists dot andrew dot cmu dot edu'
Assunto: Re: Kerberos x pam
I'm not sure about your windows-related issues, but I can speek from a
Heimdal Kerberos enviornment..
On Wed, 17 Mar 2004, Estevam Henrique Carvalho wrote:
> What is the best way of providing the users to access the e-mail using the
> Windows password ? pam_winbind or Kerberos ?
>
> Will the Kerberos 5 work with Cyrus and SASL ?
Yes -- though, as I said, I'll remain silent about Microsoft Kerberos.
> Does Kerberos also require plan text password as pam modules does ?
If you mean "plaintext over the network" -- neither of these requires
that, you can always throw a TLS layer on top to protect the plaintext
password. Kerberos (via the GSSAPI SASL mechanism) will avoid sending the
password across the network alltogether, however.
> This message may contain confidential and/or privileged information. If
you
> are not the addressee or authorized to receive this for the addressee, you
> must not use, copy, disclose, change, take any action based on this
message
> or any information herein. If you have received this message in error,
> please advise the sender immediately by reply e-mail and delete this
> message. Thank you for your cooperation.
This sort of disclaimer used on a public mailing list can make it very
difficult to respond.
-Rob
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
Research Systems Programmer * /usr/contributed Gatekeeper
=========================================================
Esta mensagem pode conter informação confidencial e/ou privilegiada. Se você
não for o destinatário ou a pessoa autorizada a receber esta mensagem, não
deverá utilizar, copiar, alterar, divulgar a informação nela contida ou
tomar qualquer ação baseada nessas informações. Se você recebeu esta
mensagem por engano, por favor avise imediatamente o remetente, respondendo
o e-mail e em seguida apague-o. Agradecemos sua cooperação.
This message may contain confidential and/or privileged information. If you
are not the addressee or authorized to receive this for the addressee, you
must not use, copy, disclose, change, take any action based on this message
or any information herein. If you have received this message in error,
please advise the sender immediately by reply e-mail and delete this
message. Thank you for your cooperation.
=========================================================
|
|
|