[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Authentication Methods for LDAP - last call

To: 'Tim Howes' <howes@netscape.com>, Chris Newman <Chris.Newman@INNOSOFT.COM>
Subject: RE: Authentication Methods for LDAP - last call
From: Paul Leach <paulle@microsoft.com>
Date: Thu, 13 Aug 1998 15:13:52 -0700
Cc: IETF LDAP Extensions WG <ietf-ldapext@netscape.com>
Resent-date: Thu, 13 Aug 1998 15:14:11 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"0HTeb2.0.JV4.nKsqr"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com


> -----Original Message-----
> From: Tim Howes [mailto:howes@netscape.com]
> Sent: Thursday, August 13, 1998 10:49 AM
> To: Chris Newman
> Cc: Paul Leach; IETF LDAP Extensions WG
> Subject: Re: Authentication Methods for LDAP - last call
> 
> I'm not. That would delay us (and every other thing
> the LDAPEXT group is working on) for about a year,
> would be my guess. It may be that when we have a
> good replacement for cram-md5 we should incorporate
> that into the ldap spec. But until such a thing
> exists, we should use the best that's available to
> us. That sounds like cram-md5.

It is not clear at all to me that using something other that CRAM-MD5 has to
delay us a year. I submitted a proposal for an alternative -- use of HTTP
Digest instead of CRAM-MD5. Digest is already a Proposed Standard. The
alternative section 8.1 is as complete a description of how to use Digest as
a SASL mechanism as the original is of how to use CRAM-MD5 as a SASL
mechanism. If the substitution were done and agreed to, it should take no
longer to go forward than wrangling about it.

Paul

Follow-Ups:
- RE: Authentication Methods for LDAP - last call
  - From: Chris Newman <Chris.Newman@INNOSOFT.COM>

Prev by Date: Re: Authentication Methods for LDAP - last call
Next by Date: Re: Comments on draft-ietf-ldapext-trigger-01.txt
Index(es):
- Chronological
- Thread