* Daniel Frank <[email protected]> [28/07/2015 15:05:45] wrote:
> Best long term solution might be similar to what XMPP is slowly migrating
> to: SCRAM... allows hashed password storage *and* hashed password on
> the line.
> Not sure if it has other shortcomings though.

SCRAM is certainly a good approach. But clients and servers need to support that (I think most do). But it needs to be deployed and used in practice as well.

PAKE is also quite interesting in this regard (I don't think these are supported anywhere in the e-mail ecosystem, but I may be misinformed):
https://en.wikipedia.org/wiki/Password-authenticated_key_agreement

Aaron
_______________________________________________
Ach mailing list
[email protected]
http://lists.cert.at/cgi-bin/mailman/listinfo/ach
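
Added example, not part of the original messages: a sketch of the SCRAM-SHA-256 computation (RFC 5802 / RFC 7677) showing what "hashed password storage *and* hashed password on the line" means in practice. The function names and sample values are constructed for illustration; it assumes an ASCII password (SASLprep is skipped) and no channel binding.

```python
import base64, hashlib, hmac

def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def derive_keys(password: str, salt: bytes, iterations: int):
    # SASLprep normalisation is skipped: this sketch assumes an ASCII password.
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    client_key = mac(salted, b"Client Key")
    return client_key, hashlib.sha256(client_key).digest(), mac(salted, b"Server Key")

def enroll(password, salt, iterations=4096):
    """What the server keeps on disk: no password and no ClientKey."""
    _, stored_key, server_key = derive_keys(password, salt, iterations)
    return {"salt": salt, "i": iterations,
            "stored_key": stored_key, "server_key": server_key}

def auth_message(user, cnonce, snonce, salt, iterations):
    """The three messages both sides sign (no channel binding, hence c=biws)."""
    nonce = cnonce + snonce
    return ",".join([
        f"n={user},r={cnonce}",
        f"r={nonce},s={base64.b64encode(salt).decode()},i={iterations}",
        f"c=biws,r={nonce}",
    ]).encode()

def client_proof(password, salt, iterations, msg):
    """What goes on the wire: ClientKey XOR HMAC(StoredKey, AuthMessage)."""
    client_key, stored_key, _ = derive_keys(password, salt, iterations)
    return bytes(a ^ b for a, b in zip(client_key, mac(stored_key, msg)))

def server_verify(record, msg, proof):
    """Recover ClientKey from the proof and compare its hash with StoredKey."""
    sig = mac(record["stored_key"], msg)
    candidate = bytes(a ^ b for a, b in zip(proof, sig))
    ok = hmac.compare_digest(hashlib.sha256(candidate).digest(), record["stored_key"])
    # ServerSignature lets the client confirm the server holds the record too.
    return ok, (mac(record["server_key"], msg) if ok else None)

# Constructed sample values (not taken from any real exchange).
SALT = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
RECORD = enroll("correct horse", SALT)
MSG = auth_message("alice", "c-nonce-1", "s-nonce-1", SALT, 4096)
```

The proof is bound to the nonces in the signed messages, so a captured proof does not verify in a later exchange. The stored record still permits offline password guessing if it leaks, and RFC 5802 notes that a leaked record combined with one eavesdropped exchange is enough to impersonate the user, so TLS underneath remains necessary.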
