Insert a blurb about IMAPS on localhost being pointless.

author tassium <tassium@7612ce4b-ef26-0410-bec9-ea0150e637f0>

Mon, 24 Feb 2003 18:00:40 +0000 (18:00 +0000)

committer tassium <tassium@7612ce4b-ef26-0410-bec9-ea0150e637f0>

Mon, 24 Feb 2003 18:00:40 +0000 (18:00 +0000)
author tassium <tassium@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Mon, 24 Feb 2003 18:00:40 +0000 (18:00 +0000)
committer tassium <tassium@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Mon, 24 Feb 2003 18:00:40 +0000 (18:00 +0000)
diff --git a/doc/authentication.txt b/doc/authentication.txt

index deff3059256f5b3afde777ccc562521042672b4c..5ce65ed53ebda57c09a78edcdc64fad8e1eb3d69 100644 (file)
--- a/doc/authentication.txt
+++ b/doc/authentication.txt
@@ -12,6 +12,11 @@ SMTP. TLS is able to be enabled on a per-service basis as well.
  Unless the administrator changes the authentication methods, SquirrelMail
  will default to the "classic" plaintext methods, without TLS.
  
+Note: There is no point in using TLS if your IMAP server is localhost. You need
+root to sniff the loopback interface, and if you don't trust root, or an attacker
+already has root, the game is over.  You've got a lot more to worry about beyond
+having the loopback interface sniffed.
+
  REQUIREMENTS
  ------------
  
@@ -23,7 +28,7 @@ CRAM/DIGEST-MD5
  
  TLS
  * SquirrelMail 1.3.3 or higher
-* PHP 4.3.0 or higher
+* PHP 4.3.0 or higher (Check Release Notes for PHP 4.3.x information)
  * The "STARTTLS" command is NOT supported.  The server you wish to use TLS
    on must have a dedicated port listening for TLS connections. (ie. port
    993 for IMAP, 465 for SMTP)
author	tassium <tassium@7612ce4b-ef26-0410-bec9-ea0150e637f0>
	Mon, 24 Feb 2003 18:00:40 +0000 (18:00 +0000)
committer	tassium <tassium@7612ce4b-ef26-0410-bec9-ea0150e637f0>
	Mon, 24 Feb 2003 18:00:40 +0000 (18:00 +0000)