[Dovecot] Documentation Clarification

Axel Luttgens AxelLuttgens at swing.be
Tue Mar 12 17:37:05 EET 2013


Le 12 mars 2013 à 14:28, andreas at cymail.eu a écrit :

> Can somebody please clarify the following in the documentation?
> 
> I am actually looging at the 2.x docs:
> In the http://wiki2.dovecot.org/Authentication file there is
> a good effort to clarify between authentication mechanisms and password schemes.
> The authentication mechanisms are described in http://wiki2.dovecot.org/Authentication/Mechanisms.
> That is fine. But then looking at the http://wiki2.dovecot.org/Authentication/PasswordSchemes
> there is a section "Non-plaintext authentication mechanisms" which looks to me to be a repeat
> of what there is in the description of the authentication mechanisms.

Hello Andreas,

The mechanisms page enumerates the various authentication protocols supported by Dovecot, and mentions that each of these mechanisms may be used with a password stored as plaintext or using a mechanism-specific scheme (storage).

On the other hand, the schemes page enumerates various ways for storing passwords implemented by Dovecot, and relates each of those schemes to the mechanism(s) that may make use of it.

So, I would be tempted to speak about cross-references, not exactly about a repeat.


> This section lists one more mechanism, LANMAN.

Well, my understanding is that there was the LANMAN protocol (the mechanism) that used the LANMAN hash (the scheme). Later, that hash has been used for the NTLMv1 protocol as well.


> Can somebody explain why this section is in this file? And which of the two is applicable.

Yes, perhaps could the section title "Non-plaintext authentication mechanisms" be changed into something like "Password schemes specific to non-plaintext mechanisms".


HTH,
Axel



More information about the dovecot mailing list