[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Simple+TLS as mandatory-to-implement (RE: Issues with current authmeth draft.)

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: Simple+TLS as mandatory-to-implement (RE: Issues with current authmeth draft.)
From: Mark Ennis <mark.ennis@adacel.com>
Date: Thu, 15 May 2003 08:59:07 +1000
Cc: ietf-ldapbis@OpenLDAP.org
In-reply-to: <5.2.0.9.0.20030514062827.02823dc8@127.0.0.1>
References: <5.2.0.9.0.20030513074355.029edd18@127.0.0.1> <5.2.0.9.0.20030512195717.02923988@127.0.0.1> <5.2.0.9.0.20030512195717.02923988@127.0.0.1> <5.2.0.9.0.20030513074355.029edd18@127.0.0.1> <5.2.0.9.0.20030514062827.02823dc8@127.0.0.1>
User-agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.3) Gecko/20030312

My preference is for a digest (or similar challenge/response) authentication mechanism which allows distinguished names as a form of the authentication identity.

- Mark.

Kurt D. Zeilenga wrote:

At 09:43 PM 5/13/2003, Mark Ennis wrote:
With regards to an alternative mandatory-to-implement authentication mechanism which is more secure than using cleartext passwords, I would like to see one which allows for distinguished names as one form of the authentication identity, but would be reluctant to support mandatory implementation of startTLS extended operation to achieve this if it can be avoided.
Does your desire to avoiding StartTLS outweigh your desire for
credentials with LDAPDNs?  Or does your desire for credentials
with LDAPDNs outweigh your desire to avoid StartTLS?
Kurt

Follow-Ups:
- Re: Simple+TLS as mandatory-to-implement (RE: Issues with current authmeth draft.)
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Re: Simple+TLS as mandatory-to-implement (RE: Issues with current authmeth draft.)
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Simple+TLS as mandatory-to-implement (RE: Issues with current authmeth draft.)
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: Simple+TLS as mandatory-to-implement (RE: Issues with current authmeth draft.)
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: Simple+TLS as mandatory-to-implement (RE: Issues with current authmeth draft.)
Next by Date: Re: Simple+TLS as mandatory-to-implement (RE: Issues with current authmeth draft.)
Index(es):
- Chronological
- Thread