
authmeth: removal of DIGEST-MD5



Based on the comments to the WG over the past several days, I believe that authmeth should only reference DIGEST-MD5 in historical terms.  The Simple Mechanism Security Considerations currently state:

"The name/password authentication mechanism of the simple Bind method discloses the password to the server, which is an inherent security risk. There are other mechanisms such as DIGEST-MD5 that do not disclose the password to the server."

I would like to replace this reference to DIGEST-MD5 with another mechanism (it does not need to be normative) that would not disclose the password to the server. Suggestions?

Thanks,

Roger