[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: draft minutes from Chicago meeting

To: 'Erik Skovgaard' <eskovgaard@geotrain.com>, Phil Pinkerton <phil%jade@wg.icl.co.uk>, ietf-ldapext@netscape.com
Subject: RE: draft minutes from Chicago meeting
From: Paul Leach <paulle@microsoft.com>
Date: Sat, 03 Oct 1998 15:26:17 -0700
Resent-date: Sat, 03 Oct 1998 15:26:50 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"RkO6P.0.BT5.eIg5s"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

> -----Original Message-----
> From: Erik Skovgaard [mailto:eskovgaard@geotrain.com]
> Sent: Friday, October 02, 1998 8:42 AM
> To: Phil Pinkerton; ietf-ldapext@netscape.com
> Subject: Re: draft minutes from Chicago meeting
> 
> 
> Phil,
> 
> Think about it, how will you implement a multi-server domain?
> 
> With CRAM-MD5 you have to configure the password for users on 
> each server.
> That may be fine for a few servers and a few non-anonymous 
> users, but it
> does not scale when you implement hundreds of servers and 
> have millions of
> users that require strong authentication.
> 
> Hence, if you *only* mandate CRAM-MD5, you will only cater to 
> the small
> installations.  That was the reason for my question.

That's one of the reasons why Digest is better. The protocol is specifically
designed to allow a third party authentication service so that passwords
don't have to be configured on each server.

Paul

Prev by Date: Re: Compromise Authentication Proposal
Next by Date: RE: draft minutes from Chicago meeting
Index(es):
- Chronological
- Thread