[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: authmeth: removal of DIGEST-MD5

To: Howard Chu <hyc@highlandsun.com>
Subject: Re: authmeth: removal of DIGEST-MD5
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Thu, 13 Oct 2005 22:18:30 +0200
Cc: Roger Harrison <RHARRISON@novell.com>, ietf-ldapbis@OpenLDAP.org
In-reply-to: <434EB345.9070104@highlandsun.com>
References: <434E57D0.DBA8.00BF.0@novell.com> <434EB345.9070104@highlandsun.com>

Howard Chu writes:
>Roger Harrison wrote:
>> I would like to replace this reference with DIGEST-MD5 with another
>> mechanism (it does not need to be normative) that would not disclose the
>> password to the server. Suggestions?
>
> GSSAPI would probably be the next most recognizable choice. Just off the
> top of my head.

I forgot about that one.  My impresson was that there has been a lot of
hype but not yet that much deployment, but I may be badly out of date.
Or maybe DIGEST-MD5 deployment is bad enough that GSSAPI competes well
anyway?

-- 
Hallvard

References:
- authmeth: removal of DIGEST-MD5
  - From: "Roger Harrison" <RHARRISON@novell.com>
- Re: authmeth: removal of DIGEST-MD5
  - From: Howard Chu <hyc@highlandsun.com>

Prev by Date: Re: authmeth: removal of DIGEST-MD5
Next by Date: Re: authmeth: removal of DIGEST-MD5
Index(es):
- Chronological
- Thread