Lawrence Greenfield wrote:
> Excellent catch. This looks like a bug; as you might've guessed, we
> don't yet use client side authentication with STARTTLS, and this code
> was only tested a few times when it was first inserted.
BTW are there any MUAs that support STARTTLS/IMAPS with client
certificates and SASL EXTERNAL?
If I change the askcert parameter in the call to tls_init_serverengine
to 1, Netscape Messenger (4.76) prompts for a client cert and sends it
to the server but then does plaintext authentication.
--
Norbert Klasen
DFN Directory Services tel: +49 7071 29 70335
ZDV, Universität Tübingen fax: +49 7071 29 5912
Wächterstr. 76, 72074 Tübingen http://www.directory.dfn.de
Germany [EMAIL PROTECTED]
