Colin Walters wrote:
On Mon, 2004-07-12 at 18:38 +0300, Timo Sirainen wrote:
I was mostly thinking about things which don't exist yet. Such as there's already Postfix patch to authenticate from dovecot-auth, would it make sense to add integrity proxy to it?
Ah...maybe. Postfix already has its own SASL implementation, so the Postfix patch could be extended to be able to receive an exported GSS context and do its own integrity/confidentiality protection in the smtpd process. I guess it would be possible to have dovecot-auth do the integrity protection proxying itself in the same way imap-login does now, but given that Postfix has its own SASL it probably makes more sense to give control back to that.
I guess you are talking about the unofficial TLS patch to postfix. It uses CYRUS SASL unwanted by some, so (small and easier to proofread) alternatives would probably be appreciated.
- Jonas