serv/mox - Surdeus Git: Beyond coding. I Forge.

serv/mox

Fork 0

mirror of https://github.com/mjl-/mox.git synced 2024-12-26 08:23:48 +03:00

Commit graph

Author	SHA1	Message	Date
Mechiel Lukkien	e7478ed6ac	implement the plus variants of scram, to bind the authentication exchange to the tls connection to get the security benefits (detecting mitm attempts), explicitly configure clients to use a scram plus variant, e.g. scram-sha-256-plus. unfortunately, not many clients support it yet. imapserver scram plus support seems to work with the latest imtest (imap test client) from cyrus-sasl. no success yet with mutt (with gsasl) though.	2023-12-23 23:19:36 +01:00
Mechiel Lukkien	642a328ae1	add support for SCRAM-SHA-1 the idea is that clients may not support SCRAM-SHA-256, but may support SCRAM-SHA-1. if they do support the 256 variant, they'll use it. unfortunately, thunderbird does not support scram-sha-1 either.	2023-02-05 12:30:14 +01:00
Mechiel Lukkien	cb229cb6cf	mox!	2023-01-30 14:27:06 +01:00

Author

SHA1

Message

Date

Mechiel Lukkien

e7478ed6ac

implement the plus variants of scram, to bind the authentication exchange to the tls connection

to get the security benefits (detecting mitm attempts), explicitly configure
clients to use a scram plus variant, e.g. scram-sha-256-plus. unfortunately,
not many clients support it yet.

imapserver scram plus support seems to work with the latest imtest (imap test
client) from cyrus-sasl. no success yet with mutt (with gsasl) though.

2023-12-23 23:19:36 +01:00

Mechiel Lukkien

642a328ae1

add support for SCRAM-SHA-1

the idea is that clients may not support SCRAM-SHA-256, but may support
SCRAM-SHA-1. if they do support the 256 variant, they'll use it.

unfortunately, thunderbird does not support scram-sha-1 either.

2023-02-05 12:30:14 +01:00

Mechiel Lukkien

cb229cb6cf

mox!

2023-01-30 14:27:06 +01:00

3 commits