Hi Jamin! Jamin W. Collins schrieb am 2003-09-12 11:49:23: > Does anyone else see it as a concern that the Jabber server (1.4.2 > release) and popular transports (aim-t, jit, msn-t, and yahoo-t) save > user account information (user name and password) in plaintext for > anyone with read access on the Jabber server to see?
This is a frequently asked question on this list.
At the moment with the existing jabberd 1.4.2 authentication schemes it
is needed that there is the passport available on the server for most
clients if you don't want to use plain text authenciation as it is
needed for digest authentication.
In the future hopefully more clients will support SASL authentication
with better authentication schemes and the server won't need to store
the plaintext authentication token then.
Tot kijk
Matthias
pgp00000.pgp
Description: PGP signature
