#44808 Default to allowing password authentication on leaves users vulnerable

Received: (at 44808) by debbugs.gnu.org; 30 Nov 2020 03:59:03 +0000
From debbugs-submit-bounces@debbugs.gnu.org Sun Nov 29 22:59:03 2020
Received: from localhost ([127.0.0.1]:53129 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1kjaL9-0001l6-2u
	for submit@debbugs.gnu.org; Sun, 29 Nov 2020 22:59:03 -0500
Received: from mail-qv1-f44.google.com ([209.85.219.44]:41694)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1kjaL6-0001ka-Uu
 for 44808@debbugs.gnu.org; Sun, 29 Nov 2020 22:59:01 -0500
Received: by mail-qv1-f44.google.com with SMTP id x13so5007736qvk.8
 for <44808@debbugs.gnu.org>; Sun, 29 Nov 2020 19:59:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=from:to:cc:subject:references:date:in-reply-to:message-id
 :user-agent:mime-version;
 bh=V02Zlx3UplLnHLExjXpHGDkluN8f4g6ZWD/mAx/gNYM=;
 b=PBMcq6mDAY2kefYvzZDU40BdG9MF5kD/ForyWLSziuS5DYUC3pk28lP98+aTagPgaG
 FKAxWOselMPj3Do+V1JBuwetG+9CJHWAszyrvf1IBzfDxBHe8c1kJGHxlUjBMcwTvnn4
 OFWtAFeJmsfPpBHD9NfqBTJft3I1g72X7eir152XVK2XtMUDhgTwXQqbI5UO+yBSt9JZ
 p106Bpr5Xv6AdC4DX4axlusLr+1Z1gfDEs7AJBoBjwL+X4WZ4TR8YDEtJvzTyyTAU/93
 7Eu9aiYyDM76XM1Du2S0SuPhsRqFdkJxOYQ+5Jc32vnJF/AUtTmeMIc0SL7qk4zYJSGt
 jBug==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to
 :message-id:user-agent:mime-version;
 bh=V02Zlx3UplLnHLExjXpHGDkluN8f4g6ZWD/mAx/gNYM=;
 b=cBQOV2jDuKfaN4+/w1Laz6qd9NMolpbgoe+iY872LUa9d41m3MYsgfmAfataNhJXyx
 Ha3IBwnoKgB1baAm47zgcrMIoQyYnBZYZgqcEUrnb0d8sFO3p2KYXURegzGXKuS2YRVo
 82a6CnzwvkZUbwCNrIqIHlSQCvUFfC7q2tpMq42jbFS0SeM15mfubo9De+RiwTbMYaRk
 lEJulJofmGAhIKwxXTaMsapY6Av52uvH69NeFeptBUU5VC10xWY9Cql3lSG6ENSECX6C
 1jaBSehNrmieMqNoshuLMU4nkPhlaZ8B79R7hx/mM/srBAO4jSfVvB16LsF+6hHKbZfo
 1/dg==
X-Gm-Message-State: AOAM530/D+Uloh7fts1cFxugLnVLlYVdWZgT5P+qXP15zpns7vVXyxju
 oNNCpP19OkIND/mKqVWm+SzzGXDxg2ePsQ4O
X-Google-Smtp-Source: ABdhPJy6f1d3eAjF356UBVIyRqA5Fr27+d67u36ZPgA1FoZBg7fXlKanB8Lpn85E9qLrZD+szKznAg==
X-Received: by 2002:ad4:4584:: with SMTP id x4mr20375614qvu.47.1606708735178; 
 Sun, 29 Nov 2020 19:58:55 -0800 (PST)
Received: from hurd (dsl-150-82.b2b2c.ca. [66.158.150.82])
 by smtp.gmail.com with ESMTPSA id m10sm1910989qtp.46.2020.11.29.19.58.54
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sun, 29 Nov 2020 19:58:54 -0800 (PST)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: Christopher Lemmer Webber <cwebber@dustycloud.org>
Subject: Re: bug#44808: Default to allowing password authentication on
 leaves users vulnerable
References: <878sat3rnn.fsf@dustycloud.org> <874klgybbs.fsf@zancanaro.id.au>
 <87im9w2gjt.fsf@dustycloud.org>
Date: Sun, 29 Nov 2020 22:58:53 -0500
In-Reply-To: <87im9w2gjt.fsf@dustycloud.org> (Christopher Lemmer Webber's
 message of "Mon, 23 Nov 2020 11:17:58 -0500")
Message-ID: <87im9nmr5u.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 44808
Cc: Carlo Zancanaro <carlo@zancanaro.id.au>, 44808@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)