
Re: RFC2256: userPassword



Helmut Volpers wrote:

> Perhaps I missed something. Do you think Microsoft, Netscape,
> Innosoft, IBM, Siemens etc. have to use the same one-way encryption
> algorithm, or do you mean every client should use the same
> encryption algorithm and the server only makes the comparison?

If servers are participating in a replication agreement,
they must implement all the hashing schemes employed.
(The same thing applies to access control and schema
and a bunch of other things, of course.)

Netscape implements a set of standard hashes
including SHA-1 and crypt. Some other vendors
support one or more of these hashing functions. 

Seems to me that you will not get intervendor
replication to work unless some common standard
for password hashing is agreed upon.
An alternative would be to transmit passwords
in the clear or in reversibly hashed form.
I can't see that proving popular with customers.
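
An added illustration of the replication point above, not part of the original message: a consumer server that receives replicated userPassword hashes can only check binds for schemes it implements. The RFC 2307-style `{SHA}`/`{SSHA}` prefixes, the server names, DNs and passwords are all assumptions constructed for this sketch.

```python
import base64, hashlib, hmac, os

# Assumption: values carry an RFC 2307-style "{SCHEME}" prefix; SHA and SSHA
# (salted SHA-1) stand in for the vendor hashing schemes under discussion.
def hash_sha(pw: bytes) -> str:
    return "{SHA}" + base64.b64encode(hashlib.sha1(pw).digest()).decode()

def hash_ssha(pw: bytes) -> str:
    salt = os.urandom(8)
    return "{SSHA}" + base64.b64encode(hashlib.sha1(pw + salt).digest() + salt).decode()

def verify_sha(value: str, pw: bytes) -> bool:
    return hmac.compare_digest(base64.b64decode(value), hashlib.sha1(pw).digest())

def verify_ssha(value: str, pw: bytes) -> bool:
    raw = base64.b64decode(value)
    digest, salt = raw[:20], raw[20:]          # SHA-1 digest is 20 bytes, rest is salt
    return hmac.compare_digest(digest, hashlib.sha1(pw + salt).digest())

VERIFIERS = {"SHA": verify_sha, "SSHA": verify_ssha}

class UnsupportedScheme(Exception):
    """The server holds the hash but has no code to check a password against it."""

class Server:
    def __init__(self, name, schemes):
        self.name, self.entries = name, {}
        self.verifiers = {s: VERIFIERS[s] for s in schemes}

    def replicate_to(self, other):
        other.entries.update(self.entries)     # hashes are copied verbatim

    def bind(self, dn: str, pw: bytes) -> bool:
        scheme, _, value = self.entries[dn].lstrip("{").partition("}")
        if scheme.upper() not in self.verifiers:
            raise UnsupportedScheme(f"{self.name}: cannot verify {{{scheme}}} for {dn}")
        return self.verifiers[scheme.upper()](value, pw)

def demo():
    # Constructed servers, DNs and passwords.
    supplier, consumer = Server("vendor-a", ["SHA", "SSHA"]), Server("vendor-b", ["SHA"])
    supplier.entries = {"uid=alice": hash_ssha(b"s3cret"), "uid=bob": hash_sha(b"hunter2")}
    supplier.replicate_to(consumer)
    out = {}
    for dn, pw in (("uid=alice", b"s3cret"), ("uid=bob", b"hunter2")):
        try:
            out[dn] = consumer.bind(dn, pw)
        except UnsupportedScheme:
            out[dn] = "unsupported"
    return out
```

Because the stored value is one-way, the consumer cannot convert an entry to a scheme it does support; the only fix is a common scheme on both sides.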