[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: using userPassword attribute

To: Mahesh Patil <Mahesh.Patil@Netdecisions.com>
Subject: RE: using userPassword attribute
From: Adam Williams6 <awilliam@whitemice.org>
Date: Mon, 1 Apr 2002 10:39:36 -0500 (EST)
Cc: "'openldap-software@OpenLDAP.org'" <openldap-software@OpenLDAP.org>
In-reply-to: <2F9049602A82D511819F00B0D0F0452A7C2D3E@INMUMMX00>

>	Do you have any idea on "storing encrypted creditcard numbers in
>LDAP and retrieving them" ???

Most crypto worth anything is one-way, like a password hash.  So there is 
no 'getting them back'.  I'd recommend storing things like cc numbers in 
the clear and defining an ACL that only allows clients using some level of 
encryption to retrieve the values (see the ssf directive).

-- 
-----------------------------------------------------------
Ximian GNOME, Evolution, LTSP, and RedHat Linux + LVM & XFS
-----------------------------------------------------------

Follow-Ups:
- RE: using userPassword attribute
  - From: "Michael Cunningham" <m.cunningham@xpedite.com>

References:
- RE: using userPassword attribute
  - From: Mahesh Patil <Mahesh.Patil@Netdecisions.com>

Prev by Date: RE: using userPassword attribute
Next by Date: Re: ldapadd: invalid format
Index(es):
- Chronological
- Thread