ietf-mta-filters
[Top] [All Lists]

Re: [sieve] ManageSieve / SCRAM

2010-08-06 11:20:13
RFC 5804 says:

To ensure interoperability, both client and server implementations of
   the ManageSieve protocol MUST implement the SCRAM-SHA-1 [SCRAM] SASL
   mechanism, as well as [PLAIN] over [TLS].

How can this be a requirement, when SCRAM requires passwords to be
stored either as plaintext or in a special SCRAM format? Very few
existing installations would be able to easily start supporting SCRAM.

(Or is this just a tricky way of saying that server code must be able to
support it, but admins can choose if it's actually enabled?)

I don't think it's especially tricky. The text clearly says "implement" and
implement != use.

                                Ned

_______________________________________________
sieve mailing list
sieve(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/sieve

<Prev in Thread] Current Thread [Next in Thread>