paddy wrote:
On Fri, Sep 23, 2005 at 06:21:57PM +0200, Frank Ellermann wrote:
Scott Kitterman wrote:
unecessary if you are using a shared secret mechanism.
With CRAM-MD5 a "man in the middle" could hijack the session.
Also, IIRC, there is a tendency to end up storing the password in plaintext
at the mail server, which is not good.
Not so - they are encrypted on the server, but usually plain on the users PC I
believe.
Slainte
JohnP
Regards,
Paddy
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com