Diffstat (limited to 'lib/net/imap/authenticators/plain.rb')
-rw-r--r-- | lib/net/imap/authenticators/plain.rb | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/lib/net/imap/authenticators/plain.rb b/lib/net/imap/authenticators/plain.rb
index 2b6051c0f2..a9d46c920e 100644
--- a/lib/net/imap/authenticators/plain.rb
+++ b/lib/net/imap/authenticators/plain.rb
@@ -1,14 +1,21 @@
 # frozen_string_literal: true
-# Authenticator for the "+PLAIN+" SASL mechanism. See Net::IMAP#authenticate.
+# Authenticator for the "+PLAIN+" SASL mechanism, specified in
+# RFC4616[https://tools.ietf.org/html/rfc4616]. See Net::IMAP#authenticate.
 #
-# See RFC4616[https://tools.ietf.org/html/rfc4616] for the specification.
+# +PLAIN+ authentication sends the password in cleartext.
+# RFC3501[https://tools.ietf.org/html/rfc3501] encourages servers to disable
+# cleartext authentication until after TLS has been negotiated.
+# RFC8314[https://tools.ietf.org/html/rfc8314] recommends TLS version 1.2 or
+# greater be used for all traffic, and deprecate cleartext access ASAP. +PLAIN+
+# can be secured by TLS encryption.
 class Net::IMAP::PlainAuthenticator
 def process(data)
 return "#@authzid\0#@username\0#@password"
 end
+ # :nodoc:
 NULL = -"\0".b
 private |
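Review bot: The closing sentence of the new class comment, "+PLAIN+ can be secured by TLS encryption", reads as optional advice even though `process` returns `"#@authzid\0#@username\0#@password"` with the password unprotected. I would state the requirement directly, e.g. `# Only use +PLAIN+ on a connection that is already protected by TLS.` Nothing in the visible hunk checks the connection's TLS state, so that responsibility presumably rests with the caller and the comment should say so. The RFC8314 sentence also mixes verb forms ("recommends ... and deprecate"); `and that cleartext access be deprecated ASAP` reads correctly. The class body continues outside the hunk.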