Reinaldo de Carvalho schrieb:
As far as I understand, both should authenticate against users in
/etc/sasldb2 and provide the same mechanisms.
I'm asking becaus on my Debian Etch 4.0r4a (stable) variant 1 works, but
variant 2 doesn't and I dont know why. But I want to offer CRAM-MD5 and
DIGEST-MD5 too and this is AFAIK only possible with variant 2.
saslauthd receive password as cleartext to be compatible with many
lookup types (pam, ldap, mysql). You must use TLS/SSL to improve
security.
Yes, you are right. That's planned, but not the question.
Sascha
