Pascal Gienger wrote:
Hi,
does anybody on the list already had the idea to use an information of a client certificate for authentication in IMAPD?
This is exactly what the EXTERNAL SASL mechanism is designed for and is available in Cyrus. If the client presents a TLS client cert, Cyrus will make the EXTERNAL mechanism available, which essentially means "use the credentials presented outside of SASL". Whether any mainstream clients have support for EXTERNAL, I don't know.
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
