[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP Authentication Consensus
I support option (1) in Tim's msg (using Digest-MD5 for mandatory-to-implement
auth mechanism). I've examined draft-leach-digest-sasl-00.txt and have don't
have any showstopper comments, tho I do have some less severe ones. I'll send
a review of the doc to the SASL list separately.
In terms of Steve's comments, I essentially agree with Mark & Tim. I believe
that the key goal the IESG desires is reducing the flux of cleartext passwords
on the Internet, and that specifying a simple, lightweight
lowest-common-denominator mechanism such as Digest-MD5 is a reasonable,
pragmatic step towards reaching that goal. Yes, this has been debated to
death, and it's all in the list archives.
In terms of editing the drafts and progressing them, I want to take the Authz
Factors stuff (section 6.*) *outta* ldapv3-tls-03 if we're going to progress
these three drafts together. I will create ldapv3-tls-04 with that change and
submit it by the deadline this wednesday unless someone has a credible
argument for not doing so.
thanks,
Jeff