[24645] in Kerberos

home help back first fref pref prev next nref lref last post

Re: Kerberos support in Thunderbird

daemon@ATHENA.MIT.EDU (Sam Hartman)
Wed Sep 14 19:11:56 2005

To: jalex@cis.upenn.edu (Jim Alexander)
From: Sam Hartman <hartmans@mit.edu>
Date: Wed, 14 Sep 2005 19:11:08 -0400
In-Reply-To: <dg50au$elr8$1@netnews.upenn.edu> (Jim Alexander's message of
 "Mon, 12 Sep 2005 22:43:42 +0000 (UTC)")
Message-ID: <tslmzmf8ctv.fsf@cz.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu

>>>>> "Jim" == Jim Alexander <jalex@cis.upenn.edu> writes:

    Jim> I meant to also add that I think it is generally considered
    Jim> bad form to silently fall back to a weaker security mechanism
    Jim> when a stronger on fails. I want to be able to configure my
    Jim> mail client to use GSSAPI, and if it fails, I want to be told
    Jim> that it failed, not fall back and perhaps successfully
    Jim> authenticate using CRAM-MD5, leaving me without a clue that
    Jim> my chosen auth method is not working.


I agree having this option is nice.  However I also think it is
important to have a usable default behavior.

________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post