
Re: RFC2256: userPassword



Robert Allen wrote:
> 
> >>At 10:58 AM 6/29/99 -0700, Robert Allen wrote:
> >>>The argument here is that having a bunch of world
> >>>readable passwords IS the same as having cleartext passwords
> >>>in todays world.
> >>
> >>The counter argument is that userPasswords are bound to fall
> >>into the wrong hands regardless of what access controls you
> >>deploy.
> 
>         I don't understand this viewpoint.  For example I
>         don't assume that my passwords (not stored in LDAP)
>         which I use to access my bank accounts, etc., will
>         inevitably fall into the wrong hands.  It seems to
>         me that assuming they will in our business is a
>         way of bypassing having to worry about decent security.

Maybe... but a common concern is that those who maintain the directory
servers should not be casually exposed to passwords.  For example, as a
directory administrator I want to be able to dump the directory data to
an LDIF file and browse the contents without stumbling across your
password (which you might use for other services too and so on).  In
this scenario, the strength of the hash is not very important but the
fact that the userPassword value is obscured is -- to some people.

-- 
Mark Smith
Directory Architect / Sun-Netscape Alliance
My words are my own, not my employer's.  Got LDAP?
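The scenario in Mark's reply, as an added example that is not part of the thread: a userPassword value stored as a salted hash rather than cleartext, so that an LDIF dump can be browsed without exposing the password, while a bind can still be verified against it. It assumes the {SSHA} scheme (salted SHA-1, a common convention in OpenLDAP and Netscape-derived servers) which the thread does not name; the entry, DN and password are constructed sample data.

```python
import base64
import hashlib
import os
import secrets

# Assumption: the {SSHA} scheme (salted SHA-1) used by several LDAP servers.
# The thread only speaks of "the hash"; this is one concrete instance of it.
SCHEME = "{SSHA}"
DIGEST_LEN = 20  # SHA-1 digest length in bytes


def ssha_hash(password: str, salt: bytes = None) -> str:
    """Return a userPassword value of the form {SSHA}base64(sha1(pw+salt)+salt)."""
    if salt is None:
        salt = os.urandom(8)
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return SCHEME + base64.b64encode(digest + salt).decode("ascii")


def ssha_verify(password: str, stored: str) -> bool:
    """Check a bind password against a stored {SSHA} value (constant-time compare)."""
    if not stored.startswith(SCHEME):
        return False
    raw = base64.b64decode(stored[len(SCHEME):])
    digest, salt = raw[:DIGEST_LEN], raw[DIGEST_LEN:]
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return secrets.compare_digest(candidate, digest)


def ldif_entry(dn: str, uid: str, password: str, hashed: bool = True) -> str:
    """Render a minimal entry as a directory dump would show it.

    With hashed=False the value is written exactly as the cleartext case the
    thread argues against; with hashed=True only the obscured value appears.
    """
    value = ssha_hash(password) if hashed else password
    return "\n".join([f"dn: {dn}", f"uid: {uid}", f"userPassword: {value}", ""])


def leaks_cleartext(ldif_text: str, password: str) -> bool:
    """What the browsing administrator would see: is the password visible?"""
    return password in ldif_text


if __name__ == "__main__":
    # Constructed sample entry, not taken from any real directory.
    dn, uid, pw = "uid=rallen,ou=people,dc=example,dc=com", "rallen", "s3cret-pw"
    print(ldif_entry(dn, uid, pw, hashed=False))
    print(ldif_entry(dn, uid, pw, hashed=True))
    stored = ssha_hash(pw)
    print("bind ok:", ssha_verify(pw, stored), "wrong pw:", ssha_verify("nope", stored))
```

The hashed dump still lets a reader with the file mount an offline guessing attack against weak passwords, which is why Mark notes the hash strength matters less than the mere obscuring only "to some people"; the access controls on the directory and on the dump remain the primary protection.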