On 222, 08 09, 2004 at 11:45:10 +0300, Timo Sirainen wrote:

On 9.8.2004, at 15:33, Andrey Panin wrote:

...

attached patch implements Compuserve RPA athentication mechanism.

First time I've heard of it. Does it have some advantages over other mechanisms?

Proprietary mechanism designed by Compuserve back in mid 90th. IMHO it's comparable to digest-md5, provides mutual authentication, chosen plaintext attack prevention etc.

Is it useful to distribute with Dovecot, or should it rather be just a separately distributed plugin?

Hmm, I'm not sure. It's good, secure mechanism and windows MUA's more often support rpa than digest-md5. It's about one page of executable code after all :) You are dovecot author, so you should decide :)

Except:

@@ -14,7 +14,8 @@ enum passdb_credentials { PASSDB_CREDENTIALS_CRAM_MD5, PASSDB_CREDENTIALS_DIGEST_MD5, PASSDB_CREDENTIALS_LANMAN, - PASSDB_CREDENTIALS_NTLM + PASSDB_CREDENTIALS_NTLM, + PASSDB_CREDENTIALS_RPA };

Plugins can't update this list. And it's already too large. I think I'll change these to strings.

password_sheme_register() ? -- Andrey Panin | Linux and UNIX system administrator pazke@donpac.ru | PGP key: wwwkeys.pgp.net