Re: Rationale for this change?
From: Simon Josefsson
Subject: Re: Rationale for this change?
Date: Thu, 29 Dec 2005 12:14:30 +0100
User-agent: Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux)
David Kastrup <address@hidden> writes:
> 2005-12-05 Ralf Angeli <address@hidden>
>
> * mail/smtpmail.el (smtpmail-try-auth-methods):
> Send credentials together with "AUTH PLAIN" command.
>
> I have not seen this discussed on the list, and it feels to me that
> this defeats system administrators who disable "AUTH PLAIN" because
> they consider the access path to the mail server under their
> administration unsafe for plain text transfers. While the
> authentication is refused, the authentication data itself is still
> sent through the network after this change, making the refusal of
> "AUTH PLAIN" ineffective for avoiding ill consequences of snoopable
> connections.
>
> Could you shed any light on what problem this change is intended to
> fix?
The AUTH PLAIN command is not sent if the server did not advertise
support for AUTH PLAIN. See RFC 2554. The earlier behavior violated
a SHOULD in RFC 2222 § 5.1.
So security-wise, it is not worse than before.
Of course, AUTH PLAIN can only be used securely under a TLS session,
but there are still servers out there that don't support TLS. It is
possible to use AUTH PLAIN under TLS, but disabling AUTH PLAIN without
TLS is unrealistic.
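The two positions in this exchange (only send PLAIN when the server advertised it; ideally never send it outside TLS) reduce to a small client-side decision over the EHLO capability list. The following is an added illustration, not code from smtpmail.el or from either poster: it parses constructed 250 reply lines, extracts the advertised AUTH mechanisms and STARTTLS, builds the RFC 4616 PLAIN initial response, and only emits the "AUTH PLAIN <base64>" line when PLAIN was advertised and, by default, when the caller reports that TLS is already in effect. The reply lines, host name and credentials are made up for the example.

```python
import base64

# Constructed EHLO replies (not captured from any real server).
EHLO_PLAIN_ONLY = [
    "250-mail.example.test Hello client",
    "250-SIZE 35882577",
    "250-AUTH PLAIN LOGIN",
    "250 HELP",
]
EHLO_NO_PLAIN = [
    "250-mail.example.test Hello client",
    "250-AUTH CRAM-MD5",      # admin disabled PLAIN on this port
    "250 HELP",
]
EHLO_WITH_STARTTLS = [
    "250-mail.example.test Hello client",
    "250-STARTTLS",
    "250-AUTH PLAIN",
    "250 HELP",
]


def parse_ehlo(lines):
    """Return (advertised AUTH mechanisms as a set, STARTTLS offered?)."""
    mechs = set()
    starttls = False
    for line in lines:
        if not line.startswith("250"):
            continue
        body = line[4:].strip().upper()   # drop "250-" / "250 " prefix
        # Accept both "AUTH PLAIN LOGIN" and the legacy "AUTH=PLAIN LOGIN" form.
        if body.startswith("AUTH ") or body.startswith("AUTH="):
            mechs.update(body[5:].split())
        elif body == "STARTTLS":
            starttls = True
    return mechs, starttls


def plain_initial_response(authzid, authcid, passwd):
    """RFC 4616 PLAIN message: [authzid] NUL authcid NUL passwd, base64-encoded."""
    msg = f"{authzid}\0{authcid}\0{passwd}".encode("utf-8")
    return base64.b64encode(msg).decode("ascii")


def auth_plain_command(ehlo_lines, user, password, tls_active, require_tls=True):
    """Decide whether the client may send AUTH PLAIN with the initial response.

    Returns (command_line_or_None, reason).  The credentials are only encoded
    into a command when the server advertised PLAIN; with require_tls=True the
    client additionally refuses unless the session is already under TLS.
    """
    mechs, starttls = parse_ehlo(ehlo_lines)
    if "PLAIN" not in mechs:
        return None, "PLAIN not advertised; credentials never leave the client"
    if require_tls and not tls_active:
        hint = " (server offers STARTTLS; negotiate it first)" if starttls else ""
        return None, "PLAIN advertised but no TLS; refusing by local policy" + hint
    return "AUTH PLAIN " + plain_initial_response("", user, password), "ok"


if __name__ == "__main__":
    for name, lines in (("plain-only", EHLO_PLAIN_ONLY),
                        ("no-plain", EHLO_NO_PLAIN),
                        ("starttls", EHLO_WITH_STARTTLS)):
        cmd, why = auth_plain_command(lines, "user", "pass", tls_active=False)
        print(f"{name:10s} cleartext: {cmd!r} ({why})")
        cmd, why = auth_plain_command(lines, "user", "pass", tls_active=True)
        print(f"{name:10s} under TLS: {cmd!r} ({why})")
```

With `require_tls=False` the function reproduces the behaviour Simon describes (PLAIN is sent whenever the server advertises it, TLS or not); with the default it implements the stricter policy David's concern implies, and the STARTTLS hint tells the caller why the refusal happened rather than silently failing.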