[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP Authentication Consensus
On Wed, 11 Nov 1998, Hallvard B Furuseth wrote:
> One thing occurred to me recently: What to do with the good old FAQ
> "How do I authenticate with passowords from YP passwd or /etc/passwd?"
> That means clients SHOULD use TLS (or cleartext), right?
SHOULD use TLS, SHOULD NOT use cleartext (but could). Section 8.2 of
authmeth-02 describes how to do it, but is deficient (IMHO) in assuming
that the password repository is in the directory itself; the server's
version of the password could obviously also be found in the places you
mention.
- RL "Bob" Morgan
Stanford