[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: RFC2256: userPassword

To: Helmut Volpers <helmut.volpers@icn.siemens.de>, David Boreham <dboreham@netscape.com>
Subject: Re: RFC2256: userPassword
From: Erik Skovgaard <eskovgaard@geotrain.com>
Date: Wed, 30 Jun 1999 09:37:34 -0700
Cc: Paul Collins <paul@oneclick.com>, Robert Allen <robert.allen@eng.sun.com>, " gomez@lhola.engr.sgi.com" <gomez@lhola.engr.sgi.com>, " paulle@microsoft.com" <paulle@microsoft.com>, " ietf-ldapext@netscape.com" <ietf-ldapext@netscape.com>, " Kurt@OpenLDAP.Org" <kurt@openldap.org>
In-reply-to: <3779CB5E.983CBAC@icn.siemens.de>
References: <199906291850.LAA14641@ego.mind.net> <37791A7F.8A03E9FF@netscape.com>
Resent-date: Wed, 30 Jun 1999 09:41:51 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"3RMvxC.A.stD.Hjke3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

I also do not think you can make the assumption that passwords are nver
read.  It is possible that some applications may do that.  Hence, a one-way
hash won't work.

Cheers,                   ....Erik.

------------------------------------
Erik Skovgaard
GeoTrain Corp.
Directory Design and Deployment
http://www.geotrain.com

At 09:46 99/06/30 +0200, Helmut Volpers wrote:
>David,
>
>David Boreham wrote:
>> 
>> Paul Collins wrote:
>> 
>> > Why are they world-readable in the first place? I figured authentication
>> 
>> They aren't. It's a philisophical position that they
>> can be read, somehow. This is why we use one-way
>> hashes for passwords rather than storing cleartext.
>
>How do you replicate one-way hashed passwords to any other server ?
>Can you make a LDIF dump (for backup) and load the data to another
>server ?
>
>Is the question really how to store it in the server ? the question is
>how 
>the password goes over the wire.
>
>Helmut
>Attachment Converted: "d:\Program Files\Eudora\Attach\helmut.volpers.vcf"
>

References:
- Re: RFC2256: userPassword
  - From: Paul Collins <paul@oneclick.com>
- Re: RFC2256: userPassword
  - From: dboreham@netscape.com (David Boreham)
- Re: RFC2256: userPassword
  - From: Helmut Volpers <helmut.volpers@icn.siemens.de>

Prev by Date: Re: RFC2256: userPassword
Next by Date: Re: RFC2256: userPassword
Index(es):
- Chronological
- Thread