require_ssl with SASL secure layers
Jeffrey M. Vinocur
jeff at litech.org
Mon Jun 1 00:09:46 UTC 2009
On Sun, 31 May 2009, [iso-8859-15] Julien ÉLIE wrote:
> I think we could rename the require_ssl: parameter in readers.conf
> to something like require_encryption: in order to take into account
> both a successful STARTTLS command (or "nnrpd -S") and a successful
> AUTHINFO SASL with a negotiation of a secure layer.
Sounds lovely.
(The thought crossed my mind of trying to add a little more expressive
power to it, by changing from boolean to a list, where the user could
specify exactly what would be adequate encryption for a given block to be
tried, e.g. "require_encryption: TLS, SASL.CRAM-MD5, SASL.DIGEST-MD5" but
then I thought that might be trouble than it's worth.)
--
Jeffrey M. Vinocur
jeff at litech.org
More information about the inn-workers
mailing list