On Sat, 2003-02-08 at 02:14, Mark Crispin wrote: > The other choices are CRAM-MD5, DIGEST-MD5, which basically involve > storing plaintext equivalents of the authentication credentials on the > server.
DIGEST-MD5 stores MD5 sum of user:realm:password on server, which I wouldn't call plaintext equilevant. It also supports integrity protecting the rest of the connection so I think that would be pretty good alternative to SSL if strong encryption isn't needed.