349857 – No state-of-the-art SASL authentication method available

Bug 349857 - No state-of-the-art SASL authentication method available

Summary: No state-of-the-art SASL authentication method available

Status:	REPORTED

Alias:	None

Product:	kmail2
Classification:	Applications
Component:	general (show other bugs)
Version:	unspecified
Platform:	Other All

Importance:	NOR wishlist
Target Milestone:	---
Assignee:	kdepim bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-07-03 09:02 UTC by Steffen Lehmann
Modified:	2017-06-04 14:48 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Steffen Lehmann 2015-07-03 09:02:07 UTC

There is no state-of-the art SASL authentication method available in KMail. 
DIGEST-MD5 was moved to "historic" by RFC 6331 in year 2011.
And the MD5 hash algorithm must not be used for security purposes for years.
There is a powerful SCRAM authentication mechanism described in RFC 5802, but it is not supported by KMail.

Reproducible: Always

Steps to Reproduce:
1. Open the configure dialogue
2. configure an IMAP access
3. Try to select a powerful SASL authentication mechanism

Actual Results:  
No strong authentication mechanism selectable.

Expected Results:  
SCRAM-SHA1 is selectable as a SASL authentication mechanism

If it would help you, I can provide you with a test account on an IMAP- and Sieve server supporting SCRAM-SHA1.