ietf-nntp Re: WG Review: Simple Authentication and Security Layer (sasl)

Russ Allbery rra at
Mon Dec 9 17:51:32 PST 2002

Ken Murchison <ken at> writes:

> Yes, this is a well known problem with infrastrctures which are based
> around a plaintext methodology.  I guess your alternatives are to switch
> to something like Kereberos or try resurrecting Newman's DSS effort (or
> something similar) ietf-sasl.  If the WG likes the idea, I'll volunteer
> to write the plugin for CMU SASL.

Kerberos doesn't help in Andrew's situation unless by using Kerberos you
mean converting all possible password databases that the server might need
to query to Kerberos, which doesn't work very well when the person running
the server doesn't control all of them.

Russ Allbery (rra at             <>

More information about the ietf-nntp mailing list