[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP Authentication Consensus

To: ietf-ldapext@netscape.com
Subject: Re: LDAP Authentication Consensus
From: RL Bob Morgan <Bob.Morgan@Stanford.EDU>
Date: Wed, 11 Nov 1998 14:47:05 -0800 (PST)
In-reply-to: <HBF.981111r137@bombur2.uio.no>
Resent-date: Wed, 11 Nov 1998 14:47:17 -0800 (PST)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"0-SlP3.0.lv3.hFXIs"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

On Wed, 11 Nov 1998, Hallvard B Furuseth wrote:

> One thing occurred to me recently:  What to do with the good old FAQ
>  "How do I authenticate with passowords from YP passwd or /etc/passwd?"
> That means clients SHOULD use TLS (or cleartext), right?

SHOULD use TLS, SHOULD NOT use cleartext (but could).  Section 8.2 of
authmeth-02 describes how to do it, but is deficient (IMHO) in assuming
that the password repository is in the directory itself; the server's
version of the password could obviously also be found in the places you
mention.

 - RL "Bob" Morgan
   Stanford

References:
- Re: LDAP Authentication Consensus
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Re: LDAP Authentication Consensus
Next by Date: ldap_get/set_option in ldapext-ldap-c-api-01
Index(es):
- Chronological
- Thread