Displaying 1 result from an estimated 1 matches for "forwardning".
Did you mean:
forwarding
2015 Feb 25
2
Proxying of non "plain" SASL mechnisms.
..."
password.
Of course, having the plaintext password the proxy could in principle do
other challenge/response SASL handshakes with the target backend, but
right now only LOGIN and PLAIN is implemented.
So I wondered about the rationale for not just forward the SASL
handshake.
- First, blindly forwardning will not do, since the mech data has to be
decoded anyway to do any per/user passdb lookup (to, say, find the
target host). But you don't need authentication to actually succeed to
do that. You only need AuthZ-id or AuthN-id.
- Secondly, the design of the interaction between imap-login process...