[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: RFC2256: userPassword
Oh and another thing! :)
If you use Transport Layer Security then the compare
request is encrypted at the transport level. Isn't this
sufficient?
JR Heisey wrote:
>
> My problem with this is that it gives the third party
> software access to all of my (assuming I'm the accounting
> system user) access to LDAP user information and possibly
> access to anything else that I have rights to. Which may or
> may not be a problem.
>
> JR
>
> Paul Leach wrote:
> >
> > > -----Original Message-----
> > > From: JR Heisey [mailto:jr.heisey@mediagate.com]
> > > Sent: Thursday, July 01, 1999 10:57 AM
> > > Solutions:
> > > 2a) call ldap_bind() with the users DN and password then
> > > allow access to the accounting function when the bind
> > > succeeds.
> > > ( Not my favorite choice. )
> >
> > But the only secure one that does not expose too much information about the
> > password (that has been discussed so far).
> >
> > Paul
>
> --
> -
> J. R. Heisey
--
-
J. R. Heisey