[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: RFC2256: userPassword
> -----Original Message-----
> From: dboreham@netscape.com [mailto:dboreham@netscape.com]
> Sent: Wednesday, June 30, 1999 8:54 AM
> Netscape implements a set of standard hashes
> including SHA-1 and crypt. Some other vendors
> support one or more of these hashing functions.
>
> Seems to me that you will not get intervendor
> replication to work unless some common standard
> for password hashing is agreed upon.
> An alternative would be to transmit passwords
> in the clear or in reversibly hashed form.
> I can't see that proving popular with customers.
>
This has nothing to do with replication, as far as I can see. If I'm a
client of LDAP, and I want to check if a user name and password that I have
been given go together, then I need to know what hash to use so I can
compare with what's stored in the userPassword attribute on that user's
account object in the directory. Seems like you are saying that its
different for each different vendor.
Paul