
Re: LDAPv3 a nightmare



Sat, 28.02.2004 at 10.16, Turbo Fredriksson wrote:

[...]

> Do remember that LDAP is _NOT_ (can't stress that enough!) designed
> to be 'secure' (that is, to store 'very secret information'). Kerberos
> is.
> 
> So you will lose security if going this route...

[...]

> > > In fact only one database is
> > > needed;
> > 
> > good too.
> 
> That can't be argued. It's always a matter of weighing comfort with security...
> _I_ choose to think that security is more important than comfort, but that's
> just me.
> 
> It IS possible to get 'reasonable security' when setting up LDAP. That requires
> quite some knowledge though. But it will NEVER be as secure as having two
> databases...

I'd dispute the above. As a man in the middle, how long would it take
you to crack a (TLS-encrypted?) double DIGEST-MD5 nonce or cnonce? How
would you break root security on a machine and get to see the cleartext
passwords (or even steal the BDB log file, etc.)?

The machine security is the most important; I'm satisfied with
OpenLDAP's basic subordinate SASL security. I see KerberosV/GSSAPI as a
necessary evil for OTPs where Windows machines are involved - and even
then, the latter are the root to cracking any imaginary "security" there
might be.

--Tonni
 
-- 

mail: billy - at - billy.demon.nl
http://www.billy.demon.nl
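The DIGEST-MD5 exchange Tonni refers to, written out as an added example that is not part of the original thread or of OpenLDAP's code. It follows RFC 2831 (md5-sess, qop=auth): the client proves it knows the password by hashing H(username:realm:password) together with the server's nonce and its own cnonce, so an observer on the wire sees only nonce, cnonce and the 128-bit response, never the password. The server side, however, has to hold either the cleartext password or that same H(username:realm:password) value (the `stored_secret` below), which is exactly why the security of the machine holding the database, not the protocol, is the weak point. Function names, the constructed `run_exchange` values and the replay check are this example's own; the one fixed vector is the worked example from RFC 2831 section 4 (user "chris", password "secret").

```python
"""DIGEST-MD5 (RFC 2831, md5-sess, qop=auth) client response and server rspauth.

Added example: shows what crosses the wire in a SASL DIGEST-MD5 bind and what
the server must store to verify it. Helper names are this example's own.
"""
import hashlib
import secrets
from typing import Optional


def _md5(data: bytes) -> bytes:
    return hashlib.md5(data).digest()


def stored_secret(username: str, realm: str, password: str) -> bytes:
    """H(username:realm:password) as raw 16 bytes.

    A server may store this instead of the cleartext password; anyone who can
    read it (root on the box, or a copy of the database/log files) can
    impersonate the user without ever learning the password."""
    return _md5(f"{username}:{realm}:{password}".encode("utf-8"))


def _digest(secret: bytes, nonce: str, cnonce: str, nc: str, qop: str,
            digest_uri: str, server_side: bool) -> str:
    # md5-sess: A1 = H(user:realm:pass) ":" nonce ":" cnonce  (raw hash bytes first)
    a1_hex = _md5(secret + f":{nonce}:{cnonce}".encode("utf-8")).hex()
    # A2 = "AUTHENTICATE:" uri for the client response, ":" uri for the server's rspauth
    a2_hex = _md5(((":" if server_side else "AUTHENTICATE:") + digest_uri).encode("utf-8")).hex()
    # response = HEX(KD(HEX(H(A1)), nonce:nc:cnonce:qop:HEX(H(A2)))), KD(k, s) = H(k ":" s)
    return _md5(f"{a1_hex}:{nonce}:{nc}:{cnonce}:{qop}:{a2_hex}".encode("utf-8")).hex()


def client_response(username: str, realm: str, password: str, nonce: str,
                    cnonce: str, nc: str, qop: str, digest_uri: str) -> str:
    """Client side: derive the response from the password the client knows."""
    return _digest(stored_secret(username, realm, password),
                   nonce, cnonce, nc, qop, digest_uri, server_side=False)


def server_verify(secret: bytes, nonce: str, cnonce: str, nc: str, qop: str,
                  digest_uri: str, response: str) -> Optional[str]:
    """Server side: recompute from the stored secret and the nonces it saw.

    Returns the rspauth value (mutual authentication) on success, None on
    failure. Constant-time comparison avoids leaking how many leading bytes
    matched."""
    expected = _digest(secret, nonce, cnonce, nc, qop, digest_uri, server_side=False)
    if not secrets.compare_digest(expected, response):
        return None
    return _digest(secret, nonce, cnonce, nc, qop, digest_uri, server_side=True)


def run_exchange() -> dict:
    """One constructed bind plus a replay attempt; values are made up for this example."""
    username, realm, password = "alice", "example.org", "correct horse"   # constructed
    digest_uri, qop, nc = "ldap/ldap.example.org", "auth", "00000001"       # constructed
    secret = stored_secret(username, realm, password)      # what the server holds

    server_nonce = secrets.token_hex(8)                    # fresh per challenge
    client_nonce = secrets.token_hex(8)
    resp = client_response(username, realm, password, server_nonce, client_nonce, nc, qop, digest_uri)
    on_the_wire = {"nonce": server_nonce, "cnonce": client_nonce, "nc": nc, "response": resp}

    rspauth = server_verify(secret, server_nonce, client_nonce, nc, qop, digest_uri, resp)

    # An observer replaying the captured response against a new challenge fails,
    # because the fresh server nonce changes A1 and therefore the expected digest.
    replay = server_verify(secret, secrets.token_hex(8), client_nonce, nc, qop, digest_uri, resp)

    return {"wire": on_the_wire, "accepted": rspauth is not None,
            "rspauth": rspauth, "replay_accepted": replay is not None}


if __name__ == "__main__":
    print(run_exchange())
```

Note that nothing in the block protects the stored secret itself: `stored_secret` is equivalent to the password for this mechanism, so a server that keeps it (or the cleartext password, as an OpenLDAP SASL setup typically does) has exactly the exposure the thread argues about.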