System.Web.Mail FAQ

Complete FAQ Listing

6.2.8 RFC 2195 IMAP/POP AUTHorize Extension for Simple Challenge/Response Printer Friendly   Email This FAQ   Discuss
While IMAP4 supports a number of strong authentication mechanisms as described in RFC 1731, it lacks any mechanism that neither passes cleartext, reusable passwords across the network nor requires either a significant security infrastructure or that the mail server update a mail-system-wide user authentication file on each mail access. This specification provides a simple challenge-response authentication protocol that is suitable for use with IMAP4. Since it utilizes Keyed-MD5 digests and does not require that the secret be stored in the clear on the server, it may also constitute an improvement on APOP for POP3 use as specified in RFC 1734.

Discuss This FAQ Item
Got a question? Another Suggestion? Want to post your solution? Discuss it below.
New Post