[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: RFC2256: userPassword

To: 'JR Heisey' <jr.heisey@mediagate.com>, ietf-ldapext@netscape.com
Subject: RE: RFC2256: userPassword
From: Paul Leach <paulle@microsoft.com>
Date: Thu, 01 Jul 1999 13:52:11 -0700
Cc: ietf-ldapext@netscape.com
Resent-date: Thu, 01 Jul 1999 14:06:57 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"CFobx.A._VE.nh9e3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com


> -----Original Message-----
> From: JR Heisey [mailto:jr.heisey@mediagate.com]
> Sent: Thursday, July 01, 1999 10:57 AM
> Solutions:
> 2a) call ldap_bind() with the users DN and password then
> allow access to the accounting function when the bind
> succeeds.
> ( Not my favorite choice. )

But the only secure one that does not expose too much information about the
password (that has been discussed so far).

Paul

Follow-Ups:
- Re: RFC2256: userPassword
  - From: JR Heisey <jr.heisey@mediagate.com>

Prev by Date: Re: RFC2256: userPassword
Next by Date: RE: RFC2256: userPassword
Index(es):
- Chronological
- Thread