[kmail2] [Bug 349857] New: No state-of-the-art SASL authentication method available
Steffen Lehmann
steffen at as-lehmann.de
Fri Jul 3 10:02:07 BST 2015
https://bugs.kde.org/show_bug.cgi?id=349857
Bug ID: 349857
Summary: No state-of-the-art SASL authentication method
available
Product: kmail2
Version: unspecified
Platform: Other
OS: All
Status: UNCONFIRMED
Severity: wishlist
Priority: NOR
Component: general
Assignee: kdepim-bugs at kde.org
Reporter: steffen at as-lehmann.de
There is no state-of-the art SASL authentication method available in KMail.
DIGEST-MD5 was moved to "historic" by RFC 6331 in year 2011.
And the MD5 hash algorithm must not be used for security purposes for years.
There is a powerful SCRAM authentication mechanism described in RFC 5802, but
it is not supported by KMail.
Reproducible: Always
Steps to Reproduce:
1. Open the configure dialogue
2. configure an IMAP access
3. Try to select a powerful SASL authentication mechanism
Actual Results:
No strong authentication mechanism selectable.
Expected Results:
SCRAM-SHA1 is selectable as a SASL authentication mechanism
If it would help you, I can provide you with a test account on an IMAP- and
Sieve server supporting SCRAM-SHA1.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list