RE: RFC2256: userPassword
>>At 10:58 AM 6/29/99 -0700, Robert Allen wrote:
>>>The argument here is that having a bunch of world
>>>readable passwords IS the same as having cleartext passwords
>>>in today's world.
>>
>>The counter argument is that userPasswords are bound to fall
>>into the wrong hands regardless of what access controls you
>>deploy.
I don't understand this viewpoint. For example, I
don't assume that my passwords (not stored in LDAP)
which I use to access my bank accounts, etc., will
inevitably fall into the wrong hands. It seems to
me that assuming they will in our business is a
way of bypassing having to worry about decent security.
IMHO,
Robert
rja@Eng.Sun.COM