Re: Authorisation again. Security.

To: debian-russian@lists.debian.org
Subject: Re: Authorisation again. Security.
From: Anton Petrusevich <casus@bugs2k.com>
Date: Thu, 29 Nov 2001 22:36:42 -0600
Message-id: <[🔎] 20011129223642.A3088@casus.tx>
Mail-followup-to: Anton Petrusevich <casus@bugs2k.com>, debian-russian@lists.debian.org
In-reply-to: <[🔎] 00be01c17951$aef61800$ab101eac@lukoil.perm.su>
References: <[🔎] 20011130045902.A8205@haunt> <[🔎] 00be01c17951$aef61800$ab101eac@lukoil.perm.su>

On Fri, Nov 30, 2001 at 08:47:07AM +0500, Viktor Vislobokov wrote:
>       Есть еще один путь, если тебе надо защитить только авторизацию -
> включи apop

Цитата из popa3d:

There exist extensions to the protocol that are supposed to fix this
problem.  I am not supporting them yet, partly because this isn't
going to fully fix the problem.  In fact, APOP and the weaker defined
SASL mechanisms such as CRAM-MD5 may potentially be even less secure
than transmission of plaintext passwords because of the requirement
that plaintext equivalents be stored on the server.

-- 
Anton Petrusevich

Reply to:

Follow-Ups:
- Re: Authorisation again. Security.
  - From: Ingvarr Zhmakin <ingvarr@mail.ru>

References:
- Authorisation again. Security.
  - From: Ingvarr Zhmakin <ingvarr@mail.ru>
- Re: Authorisation again. Security.
  - From: "Viktor Vislobokov" <vvislobokov@lukoilperm.ru>

Prev by Date: Re: Authorisation again. Security.
Next by Date: Re: Authorisation again. Security.
Previous by thread: Re: Authorisation again. Security.
Next by thread: Re: Authorisation again. Security.
Index(es):
- Date
- Thread