For example: I am using Eudora as an email client & gave pop server name
for getting mails, smtp server name for sending mails. For example pop
server
is pop3.mail.yahoo.com, smtp.mail.yahoo.com. If set an option like "use
authentication mechanisam while logging." assume that client(eudora) &
server (smtp.yahoo)
supports that authentication mechanisam.
1. then How can server & client maintain shared secret?
2. Is it some constat string understood by client & server ?
3. if somebody implements new email client which supports those
auth mechanisams, How it will know the shared secret? how it will
connect to that server?
I always thought that the 'shared secret' was essentially another term for
'password' (there's no reference to a 'password' in the CRAM-MD5 standards
as far as I can see).
If I'm wrong I'm sure someone will tell me.... ;-)
Paul VPOP3 - Internet Email Server/Gateway
paul(_at_)pscs(_dot_)co(_dot_)uk http://www.pscs.co.uk/