[Users] [Bug 2796] add SCRAM-SHA-1 support
noreply at thewildbeast.co.uk
noreply at thewildbeast.co.uk
Mon Nov 10 08:58:51 CET 2014
http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2796
--- Comment #1 from Andrej Kacian <andrej at kacian.sk> ---
For IMAP, we are limited by what libetpan supports, and I haven't found any
mention of even a plan to add SCRAM-SHA-1 support there.
For SMTP, I think this is doable. We will, however, need two things:
1. A good source for random numbers to generate good client nonce. We can
either use GnuTLS's gnutls_rand(), or directly read from /dev/urandom. That is
not portable to Windows, though, we'd have to use CryptGenRandom() on Windows,
or simply not support SCRAM-SHA-1 for Windows.
Using GnuTLS for this would of course mean that we would only support
SCRAM-SHA-1 if compiled with GnuTLS support.
2. SHA1 digest implementation. Again, we could use GnuTLS, libnettle (implies
additional dependency), or simply grab an implementation from e.g. nettle
library.
Thoughts?
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Users
mailing list