The simple mechanism allowing to the client independently and safely to
change the password for the account - a problem of many admins.
I have run daemon poppwd over SSL. (And differently it is not clear,
what madman will transfer the password on the open connection.)
The poppwd protocol is rather simple and similar on pop3.
/* Steve Dorner's description of the simple protocol:
*
* The server's responses should be like an FTP server's responses;
* 1xx for in progress, 2xx for success, 3xx for more information
* needed, 4xx for temporary failure, and 5xx for permanent failure.
* Putting it all together, here's a sample conversation:
*
* S: 200 hello\r\n
* E: user yourloginname\r\n
* S: 300 please send your password now\r\n
* E: pass yourcurrentpassword\r\n
* S: 200 My, that was tasty\r\n
* E: newpass yournewpassword\r\n
* S: 200 Happy to oblige\r\n
* E: quit\r\n
* S: 200 Bye-bye\r\n
* S: <closes>
* E: <closes>
*/
I have written the console client under *nix.
Whether there is at somebody a desire to make the client of this
protocol as extension for Thunderbird?
IIt should create the form for each account, specify the address of a
server, old and new passwords, support SSL and under this protocol to
change the password.
Probably, such extension can be and for Firefox. The edited list of
accounts, further it is similar.
Ogogon.
_________________
Demos-SHERNA Co.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto