Dne Po 9. října 2017 13:25:12, Sebastian Hagedorn napsal(a): > MD5 + TLS is still better than plaintext + TLS, IMHO. It's true that MD5 in > itself doesn't do much good anymore, but I prefer it anyway. > > --On 9. Oktober 2017 um 11:47:46 +0100 Merlin Hartley > > <merlin@xxxxxxxxxxxxxxxxx> wrote: > > Why would you want to, you are already using TLS so what do you expect to > > gain? plaintext+TLS > > > > md5 suffers from multiple inadequacies - so it seems pretty pointless to > > me. Hello, I find the *-md5 (and all auxprop) authentications a bit of a problem as you have to store passwords in plaintext on the server. Which imho is much higher risk (stealing all passwords at once), than plaintext password + TLS. Best regards Vladki ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
