RE: Comments about draft-ietf-ldapbis-authmeth-05.txt



> -----Original Message-----
> From: owner-ietf-ldapbis@OpenLDAP.org
> [mailto:owner-ietf-ldapbis@OpenLDAP.org]On Behalf Of Mark Ennis

> Kurt,

> It still seems to me as though you are the one re-engineering LDAP and
> its application of DIGEST-MD5. I have yet to come across anything in the
> LDAP or SASL specifications which preclude the use of distinguished name
> strings in the DIGEST-MD5 username value, except possibly the
> normalisation of the username field being proposed in the SASLprep work.

The fact that Distinguished Names are necessarily of unbounded length, while
the DIGEST-MD5 "digest-response" (which must contain the username) is
restricted by RFC2831 to 4096 bytes or less, implies that these two concepts
are inherently disjoint.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support