Need support for SASL authentication for IMAP

RESOLVED FIXED

Status

--
enhancement
RESOLVED FIXED
16 years ago
10 years ago

People

(Reporter: jamesrome, Assigned: Bienvenu)

Tracking

Trunk
x86
Windows 2000

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

16 years ago
Many IMAP servers (mine included) cannot support SSL for IMAP, but can support
things like CRAM-MD5 for secure authentication. Mozilla needs to embrace these
other secure forms of authentication.
(Assignee)

Comment 1

16 years ago
Mozilla supports CRAM-MD5 as of a couple weeks ago. There's a bug open about
supporting CRAM-DIGEST as well. Is there anything else that you can think of?
(Reporter)

Comment 2

16 years ago
Wonderful. But it is quite unobvious as to how to use it. The IMAP dialog in the
4/17 build only haas SSL for IMAP.
(Reporter)

Comment 3

16 years ago
I sniffed my conversation with the IMAP server, and indeed it seems to be
automatic! Way to go Mozilla folks!
Status: NEW → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → FIXED
(Assignee)

Comment 4

16 years ago
yes, it's automatic.
(Reporter)

Comment 5

16 years ago
I do have a request for an enhancement on this fix.
I think it is important to let the user know that his IMAP password is being
transmitted encrypted, so some sort of icon should appear when this happens, or not.
(Reporter)

Comment 6

16 years ago
Maybe I made a Chinese wish and got what I asked for, but didn't really want.
With the 2003042908 build, every time I access my secure POP server, I get a
message that the CRAM-MD5 authentication failed. Since it is POP over SSL,
CRAM-MD5 really isn't needed. But I like the idea of the message when they do
support CRAM-MD5, and it failed.

So, we need a way to indicate whether the server does CRAM-MD5 in the Server
Settings pane. If it doesn;t do it, the user could indicate that, and the error
messages would be supressed.
(Assignee)

Comment 7

16 years ago
tomorrow's build with work with CRAM-MD5
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.