Diffstat (limited to 'lib/net/imap/authenticators/plain.rb')
-rw-r--r--lib/net/imap/authenticators/plain.rb11
1 files changed, 9 insertions, 2 deletions
diff --git a/lib/net/imap/authenticators/plain.rb b/lib/net/imap/authenticators/plain.rb
index 2b6051c0f2..a9d46c920e 100644
--- a/lib/net/imap/authenticators/plain.rb
+++ b/lib/net/imap/authenticators/plain.rb
@@ -1,14 +1,21 @@
# frozen_string_literal: true
-# Authenticator for the "+PLAIN+" SASL mechanism. See Net::IMAP#authenticate.
+# Authenticator for the "+PLAIN+" SASL mechanism, specified in
+# RFC4616[https://tools.ietf.org/html/rfc4616]. See Net::IMAP#authenticate.
#
-# See RFC4616[https://tools.ietf.org/html/rfc4616] for the specification.
+# +PLAIN+ authentication sends the password in cleartext.
+# RFC3501[https://tools.ietf.org/html/rfc3501] encourages servers to disable
+# cleartext authentication until after TLS has been negotiated.
+# RFC8314[https://tools.ietf.org/html/rfc8314] recommends TLS version 1.2 or
+# greater be used for all traffic, and deprecate cleartext access ASAP. +PLAIN+
+# can be secured by TLS encryption.
class Net::IMAP::PlainAuthenticator
def process(data)
return "#@authzid\0#@username\0#@password"
end
+ # :nodoc:
NULL = -"\0".b
private