A really cool security feature was just recently added to the Thunderbird email client - support for GSSAPI authentication. This extends the ability to do secure single-sign on with Kerberos to your email reading. Unless your current mail server (POP or IMAP) is SSL-protected, your username/password passes over the network in the clear. If your organization uses Kerberos for security (and convenience of single-sign on), you can now extend it to mail clients.
Solaris does not include pop3 or imap server software, but there are some open source implementations that already have the necessary server-side support for this secure authentication - The U-W IMAP Server is a popular IMAP server implementation.
Here is the announcement from the Kerberos mailing list. (Thanks to Simon Wilkinson)
======================================================================= The Thunderbird beta (1.5b1) that was released yesterday contains new support for Kerberos/GSSAPI authentication against POP3, IMAP and SMTP servers. It would be really good to get some test coverage against different servers, and in different environments. I originally wrote and tested the code against the U-W IMAP server - it's also been tested against various servers using Cyrus SASL for their GSSAPI support. The beta can be downloaded from http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html Cheers, Simon. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
