[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: draft-ietf-ldapext-authmeth-02.txt
Doc changes for draft-ietf-ldapext-authmeth-02.txt from -01 version...
- updated section: 3. Introduction
with revised threats and security mechanisms enumerations.
- updated section: 4. Deployment scenarios
with revised scenarios.
- added section: 5. Authentication and Authorization:
Definitions and Concepts
from draft-ietf-ldapext-ldapv3-tls-01.txt
- updated section: 6. Required Security Mechanisms
- draws distinctions between passive eavesdropping attacks and active
intermediary attacks.
- revised security conformance requirements.
- various detailed refinements to sections:
7. Anonymous authentication
8. Password-based authentication
9. Certificate-based authentication
- added section: 11. Authorization Identity
- syntax for authorization id included with SASL "EXTERNAL"-flavored Bind
- updated section: 12. TLS Ciphersuites
- refined and expanded ciphersuite list. Commented on threats different
classes of ciphersuites are susceptable to.
- Overall subtle-but-important change to doc is to recognize..
- authorization identities are not always represented as DNs