[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authmeth/DIGEST-MD5

To: RL 'Bob' Morgan <rlmorgan@cac.washington.edu>
Subject: Re: Authmeth/DIGEST-MD5
From: mcs@netscape.com (Mark C Smith)
Date: Mon, 02 Aug 1999 14:19:07 -0400
Cc: "Kurt D. Zeilenga" <Kurt@OpenLDAP.Org>, ietf-ldapext@netscape.com
Organization: Netscape Communications
References: <Pine.LNX.4.05.9907291703340.5242-100000@perq.cac.washington.edu>
Resent-date: Mon, 02 Aug 1999 11:20:00 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"cLHzv.A.ZsC.KFep3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

RL 'Bob' Morgan wrote:
> ...
> All of this brings up the topic of how, in general, a client is able to
> determine what authorization identity the server is using for it (the
> client) on a particular connection.  Since we necessarily allow the server
> a lot of wiggle room in making this determination, the client may not know
> what it's bound as.  Any opinions on this?

Funny you should mention this.  Myself and a couple of other people are
in the processing of finishing the edits on a new Internet Draft that
defines a control to allow a server to indicate to an LDAP client what
authorization identity the server chose.  This is useful both for TLS
and for some SASL mechanisms (where the client would otherwise have no
way to determine what identity the server settled on).  Expect to see
the draft soon.

-- 
Mark Smith
iPlanet Directory Architect / Sun-Netscape Alliance
My words are my own, not my employer's.   Got LDAP?

References:
- RE: Authmeth/DIGEST-MD5
  - From: RL 'Bob' Morgan <rlmorgan@cac.washington.edu>

Prev by Date: RE: Authmeth/DIGEST-MD5
Next by Date: Re: Authmeth/DIGEST-MD5
Index(es):
- Chronological
- Thread