[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: RFC2256: userPassword

To: mcs@netscape.com (Mark C Smith)
Subject: Re: RFC2256: userPassword
From: Mark Wahl <M.Wahl@INNOSOFT.COM>
Date: Wed, 30 Jun 1999 15:08:53 -0500
Cc: "Kurt D. Zeilenga" <Kurt@OpenLDAP.Org>, David Boreham <dboreham@netscape.com>, Helmut Volpers <helmut.volpers@icn.siemens.de>, " ietf-ldapext@netscape.com" <ietf-ldapext@netscape.com>
Resent-date: Wed, 30 Jun 1999 13:10:10 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"hZzlT.A.5VD.cmne3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

An important consideration is the interaction of hashed passwords and 
SASL mechanisms.  The conventions of {CRYPT}, {SHA}, {SSHA} may not allow
interoperability using the MTI DIGEST-MD5 mechanism, or other SASL 
password protection mechanisms.  As a vendor while we supported DES, MD4 and 
SHA-1 / salted SHA-1 hashing for transition purposes where the clients use the
'simple' bind, our engineers needed to create a new convention form that 
would support DIGEST-MD5 while still obfuscating the password value in the
server.

Mark Wahl, Directory Product Architect
Innosoft International, Inc.

Prev by Date: Re: RFC2256: userPassword
Next by Date: agenda for LDAPEXT meeting in Oslo
Index(es):
- Chronological
- Thread