294257Re: GSSAPI with SMTP client
- Jul 11, 2013On Thu, Jul 11, 2013 at 11:23:50AM -0400, Erinn Looney-Triggs wrote:
> > GSSAPI inside TLS currently does not perform channel binding, andhttps://tools.ietf.org/html/rfc5056
> > so your session can be hijacked, after the client authenticates
> > with GSSAPI. You can use "fingerprint" security if your server
> > certificate is not signed by a usable CA.
> However, do you have a bit more info about what you mean by
> channel binding? A link, something along those lines just so I can
> understand the concepts here.
- << Previous post in topic Next post in topic >>