[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Bind and StrongAuthRequired

To: Kurt@OpenLDAP.org
Subject: Re: Bind and StrongAuthRequired
From: Simon Spero <ses@unc.edu>
Date: Fri, 26 Jul 2002 19:32:35 -0400
Cc: ietf-ldapbis@OpenLDAP.org
Content-disposition: inline

[Allow BindResponse to request a stronger authentiation mechanism]

This change makes a lot of sense; it also suggests removing the requirement in [draft-ietf-ldapbis-authmeth-03.txt: para G.12] that states that servers MUST support password based authentication.

If a server is allowed to reject binds for reasons of lack of strength, it's silly to require a server to advertise a mechanism that it knows in advance it's going to reject.

BTW, were there any changes made to the auth document?

Simon

Follow-Ups:
- authmeth (Was: Bind and StrongAuthRequired)
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: Bind and StrongAuthRequired
Next by Date: Re: Bind and StrongAuthRequired
Index(es):
- Chronological
- Thread