On Wed, 3 Mar 1999, Roman V. Isaev wrote:
> BTW, correct me if I'm wrong, but I never saw any good SMTP
> authentication schemes -- all of them send the password in clear :(
> Also, it's quite possible that users will send their passwords to
> wrong servers... this means passwords must be mangled with MD5 or
> something like that...
wouldn't yu kow it the day after I delete the internet-draft off my had
disk someone could make use of it. hopefully there;s an internet draft
something like *overall-srap-* which is a draft for a simple roaming acess
protocol written by someone at the ISP I use. they have windows and perl
agents that run locally. and is intended to authneitcate systems rather
than users. (ie this laptop has a valid demon account)
otoh some ISPS, like freeserve.co.uk, automatically re-direct SMTP to
their relays regardless of the actions of the client neatly avoiding the
problems of reconfiguring the SMTP destination between the campus network
and the ISP when mobile. (I don't bother to offer a dial-in service at
work. pay-for ISPs will provide it for $100/user/year and free ones for
nothing (they get 17% of the call charges whilst users are connected) )
The problems of the world can't be solved by fixing the working
C. Daniluk
