- Previous message: lartc: "Re: how to enable TLs encryption only ?"
- Maybe in reply to: Ken Murchison: "[POLL] Defaulting allowplaintext to disabled"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Farzad FARID (no email)
Date: Fri Mar 30 2007 - 11:24:17 EDT
on 27.03.2007 20:02 Ken Murchison said the following:
> Since sending passwords in the clear sucks, and I would like to think
> that most reasonable admins disable this option anyways, would anyone
> have a major gripe if we change the allowplaintext option to default
> to disabled in the 2.3.9 release? Obviously, we will document this
> change prominently in the release notes.
>
Hi,
Given that using plaintext auth will still work with SSL/TLS (the
configuration I usually deploy for customers) I agree with this change.
Regards,
-- Farzad FARID / Architecte Open Source - Associé Pragmatic Source / http://www.pragmatic-source.com Tel : +33 9 53 19 21 90 / Mob : +33 6 03 70 65 46 Rejoignez mon réseau de contacts : http://www.viadeo.com/invitationpersonnelle/002ic6twokcvmi
|
|
|