[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP Authentication Consensus

To: ietf-ldapext@netscape.com
Subject: Re: LDAP Authentication Consensus
From: Jeff.Hodges@stanford.edu
Date: Mon, 16 Nov 1998 10:35:01 -0800
In-reply-to: Your message of Thu, 12 Nov 1998 09:15:12 -0800
Resent-date: Mon, 16 Nov 1998 10:35:09 -0800 (PST)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"CGUXq3.0.oV3.Q17Ks"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

I support option (1) in Tim's msg (using Digest-MD5 for mandatory-to-implement 
auth mechanism). I've examined draft-leach-digest-sasl-00.txt and have don't 
have any showstopper comments, tho I do have some less severe ones. I'll send 
a review of the doc to the SASL list separately.

In terms of Steve's comments, I essentially agree with Mark & Tim. I believe 
that the key goal the IESG desires is reducing the flux of cleartext passwords 
on the Internet, and that specifying a simple, lightweight 
lowest-common-denominator mechanism such as Digest-MD5 is a reasonable, 
pragmatic step towards reaching that goal. Yes, this has been debated to 
death, and it's all in the list archives.

In terms of editing the drafts and progressing them, I want to take the Authz 
Factors stuff (section 6.*) *outta* ldapv3-tls-03 if we're going to progress 
these three drafts together. I will create ldapv3-tls-04 with that change and 
submit it by the deadline this wednesday unless someone has a credible 
argument for not doing so.

thanks,

Jeff

Prev by Date: RE: Status of LDIF and Changelog?
Next by Date: RE: Status of LDIF and Changelog?
Index(es):
- Chronological
- Thread