Le 12 mars 2013 à 14:28, andreas@cymail.eu a écrit :
Can somebody please clarify the following in the documentation?
I am actually looging at the 2.x docs: In the http://wiki2.dovecot.org/Authentication file there is a good effort to clarify between authentication mechanisms and password schemes. The authentication mechanisms are described in http://wiki2.dovecot.org/Authentication/Mechanisms. That is fine. But then looking at the http://wiki2.dovecot.org/Authentication/PasswordSchemes there is a section "Non-plaintext authentication mechanisms" which looks to me to be a repeat of what there is in the description of the authentication mechanisms.
Hello Andreas,
The mechanisms page enumerates the various authentication protocols supported by Dovecot, and mentions that each of these mechanisms may be used with a password stored as plaintext or using a mechanism-specific scheme (storage).
On the other hand, the schemes page enumerates various ways for storing passwords implemented by Dovecot, and relates each of those schemes to the mechanism(s) that may make use of it.
So, I would be tempted to speak about cross-references, not exactly about a repeat.
This section lists one more mechanism, LANMAN.
Well, my understanding is that there was the LANMAN protocol (the mechanism) that used the LANMAN hash (the scheme). Later, that hash has been used for the NTLMv1 protocol as well.
Can somebody explain why this section is in this file? And which of the two is applicable.
Yes, perhaps could the section title "Non-plaintext authentication mechanisms" be changed into something like "Password schemes specific to non-plaintext mechanisms".
HTH, Axel