[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap password policy approach

To: Jim Sermersheim <JIMSE@novell.com>
Subject: Re: ldap password policy approach
From: "Kurt D. Zeilenga" <kurt@boolean.net>
Date: Wed, 27 Oct 1999 22:13:01 -0700
Cc: ietf-ldapext@netscape.com, prasanta@netscape.com, kurt@openldap.org
In-reply-to: <s8175eef.012@prv-mail20.provo.novell.com>
Resent-date: Wed, 27 Oct 1999 22:22:05 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"70z4cC.A.FbD.t09F4"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

At 08:21 PM 10/27/99 -0600, Jim Sermersheim wrote:
>If we open the discussion up to LDAP applications in general rather than talk specifically about authentication applications, I don't think an administrator can realistically enforce well behaved applications. Since LDAP is an open protocol, and surely there is/will be a wide array of applications that are LDAP enabled, how can an administrator prevent a 'naughty' LDAP application from being run at my desktop?


This is the same problem as a 'naughy' whatever application.
Administrators should deal in the same manner as if the user
had used in any other unauthorized software.

3rd party authentication services are, if authorized, are
generally choosen (and policed) by the administrator.

Kurt

----
Kurt D. Zeilenga		<kurt@boolean.net>
Net Boolean Incorporated	<http://www.boolean.net/>

References:
- Re: ldap password policy approach
  - From: Jim Sermersheim <JIMSE@novell.com>

Prev by Date: Re: ldap password policy approach
Next by Date: Multi-valued passwords and the policy
Index(es):
- Chronological
- Thread