From mboxrd@z Thu Jan  1 00:00:00 1970
Subject: Re: [9fans] pop3 before smtp
Content-Type: text/plain; charset=US-ASCII; format=flowed
Mime-Version: 1.0 (Apple Message framework v552)
From: Lyndon Nerenberg <lyndon@orthanc.ab.ca>
To: 9fans@cse.psu.edu
Content-Transfer-Encoding: 7bit
In-Reply-To: <6775b5273a21ebea7da9dedd6d520bec@plan9.bell-labs.com>
Message-Id: <DFDCBF1D-B30F-11D7-8B4D-000393D34A62@orthanc.ab.ca>
Date: Thu, 10 Jul 2003 13:51:19 -0600
Topicbox-Message-UUID: f3fa1c58-eacb-11e9-9e20-41e7f4b1d025


On Thursday, July 10, 2003, at 01:38  PM, David Presotto wrote:

> Seriously, the biggest barrier is the thing noone seems to have,
> a client certificate.

 From a practical standpoint, you don't need one. You can use SSL to
encrypt the protocol session (without a cert), and use AUTH LOGIN
inside of that to authenticate the submitting agent.

If you don't need the encrypted link, just AUTH using a non-plaintext
SASL mechanism (e.g., CRAM-MD5, DIGEST-MD5).

--lyndon