...
>
> +**Note:** the SASL ``passwd.db`` file stores passwords in clear text, so
> +care should be taken not to let its contents be disclosed to unauthorized
> +users.
Can we make ^hits all bold to make it more visible?
Reviewed-by: Erik Skultety
We don't need to go to the trouble of telling users about existance of
insecure SASL mechanisms only to then say that they shouldn't be used.
We should only tell people about the GSSAPI mechanism for TCP sockets.
For the SCRAM mechanism we should be telling people about the SHA256
variant only,