--On Friday, March 16, 2001 10:41 AM +0100 Norbert Klasen
<[EMAIL PROTECTED]> wrote:
>> Excellent catch. This looks like a bug; as you might've guessed, we
>> don't yet use client side authentication with STARTTLS, and this code
>> was only tested a few times when it was first inserted.
>
> BTW are there any MUAs that support STARTTLS/IMAPS with client
> certificates and SASL EXTERNAL?
> If I change the askcert parameter in the call to tls_init_serverengine
> to 1, Netscape Messenger (4.76) prompts for a client cert and sends it
> to the server but then does plaintext authentication.
We've looked into the possibility of adding this capability to Mulberry,
but there really hasn't been a great demand for it so its a low priority.
I'd certainly like to hear from people who think its important.
--
Cyrus Daboo