Skip to content
Blame Permalink
  • William Pitcock's avatar
    15f6d84b
    saslserv: drop support for DH-AES and DH-BLOWFISH · 15f6d84b
    William Pitcock authored 
    Both mechanisms have serious design flaws which make them insecure.  To fix the
design flaws would make both mechanisms incompatible with current implementations,
and provide little-to-no gain over using PLAIN in a TLS channel instead.

Thusly, we drop support for them.
    15f6d84b
    saslserv: drop support for DH-AES and DH-BLOWFISH
    William Pitcock authored 
    Both mechanisms have serious design flaws which make them insecure.  To fix the
design flaws would make both mechanisms incompatible with current implementations,
and provide little-to-no gain over using PLAIN in a TLS channel instead.

Thusly, we drop support for them.