[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: RFC2256: userPassword

To: David Boreham <dboreham@netscape.com>
Subject: Re: RFC2256: userPassword
From: Paul Collins <paul@oneclick.com>
Date: Tue, 29 Jun 1999 12:28:05 -0700
Cc: " ietf-ldapext@netscape.com" <ietf-ldapext@netscape.com>
Mail-system-version: ClickMail 2.0b1
Resent-date: Tue, 29 Jun 1999 12:28:06 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"IgDOPD.A.WNC.d4Re3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

                 RE>>RFC2256: userPassword
> They aren't. It's a philisophical position that they can be read,
> somehow. This is why we use one-way hashes for passwords rather than
> storing cleartext.

Thanks. I certainly am aware that hashes are the way to go. This
conversation got me to look around for MD5 code again (for Macintosh) for
my LDAP server, and I was startled to find it right in the IP class
library I'm already using. So my little Mac OS LDAP server will be a
little bit better.

Best regards,

Paul Collins


** One Click Systems   http://www.oneclick.com/   info@oneclick.com **
** ClickMail Central Directory - master address book - LDAP server  **
** Chat with us--Wednesdays 10AM Pacific/1PM EST (www.oneclick.com) **

Prev by Date: RE: RFC2256: userPassword
Next by Date: RE: RFC2256: userPassword
Index(es):
- Chronological
- Thread