On 02/21/14 16:11 +0100, Willy Offermans wrote: >You are pointing to EXTERNAL, next to PLAIN and LOGIN. I do not understand >this mechanism yet. At the moment I believe I have PLAIN password wrapped >into TLS. So I already do starttls client authentication. What will EXTERNAL >do? TLS client authentication is a scenario where you perform TLS authentication where the client also has a certificate. The server can then use the contents of the client certificate to derive the username (with no password, per se). For example, 'cyradm --tlskey <file>'. The EXTERNAL mechanism should not be offered unless TLS client authentication was successful during the starttls step. -- Dan White ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
