On Mon, Sep 12, 2005 at 10:43:42PM +0000, Jim Alexander wrote: > I meant to also add that I think it is generally considered bad form to > silently fall back to a weaker security mechanism when a stronger on > fails. I want to be able to configure my mail client to use GSSAPI, > and if it fails, I want to be told that it failed, not fall back > and perhaps successfully authenticate using CRAM-MD5, leaving me without > a clue that my chosen auth method is not working.
I agree with that. I also think something more specific than "secure password authentication" is needed. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos