[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: userPassword question

To: IETF LDAP Extensions WG <ietf-ldapext@netscape.com>
Subject: Re: userPassword question
From: Chris Newman <Chris.Newman@INNOSOFT.COM>
Date: Tue, 28 Jul 1998 17:06:47 -0700 (PDT)
In-reply-to: <35B8CAAE.7E915CAA@sqribe.com>
Resent-date: Tue, 28 Jul 1998 17:07:36 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"pXUfq1.0.Ce.dUclr"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

On Fri, 24 Jul 1998, Bob Bick wrote:
> <HTML>
> From a newbie...
> 
> <P>When I retrieve an LDAP attribute value for the "userPassword" attribute,
> the attribute value appears to be encrypted (probably a good thing). However,
> I would like to compare the userPassword with the actual password.

Isn't it a violation of RFC 2256 to have the value of the userPassword
attribute encrypted in a way that is visible to the protocol?  Or is my
inexperience with LDAP showing?

		- Chris

Follow-Ups:
- Re: userPassword question
  - From: Mark Wahl <M.Wahl@INNOSOFT.COM>
- Re: userPassword question
  - From: Andreas Berger <aberger@darmstadt.gmd.de>

References:
- userPassword question
  - From: Bob Bick <bobb@sqribe.com>

Prev by Date: updated asn.1 for signed directory operations
Next by Date: Re: userPassword question
Index(es):
- Chronological
- Thread