On Fri, 12 Sep 2003, Pascal Gienger wrote: > We have some kind of - problem. > > We try to understand HOW the different SASL plugins are ordered when doing > an announcement (. CAPABILITY).
Mostly Randomly. Somewhat based on the order the plugin is loaded. Security requirements of SASL basicly dictate that the client ignore the order they are advertised. > The problem arises (again) with Microsoft Outlook and Outlook Express. > > Outlook breaks when "AUTH=NTLM" is not the FIRST method announced! It gives > me an error saying "DIGEST-MD5: authentication failed" in Outlook (sure, > Microsoft products only handle GSSAPI, NTLM and plaintext). So, if you don't want to use DIGEST (or whatever), restrict what is advertised with sasl_mech_list. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
