[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: LDAPDN and AuthMeth/DIGEST-MD5

To: "Paul Leach (Exchange)" <paulle@Exchange.Microsoft.com>
Subject: RE: LDAPDN and AuthMeth/DIGEST-MD5
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.Org>
Date: Thu, 18 Nov 1999 21:10:00 -0800
Cc: ietf-ldapext@netscape.com
In-reply-to: <19398D273324D3118A2B0008C7E9A569051BEAEB@SIT.platinum.corp.microsoft.com>
Resent-date: Thu, 18 Nov 1999 21:12:05 -0800 (PST)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"fi4eND.A.d-F.dwNN4"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

At 08:20 PM 11/18/99 -0800, Paul Leach (Exchange) wrote: 
> I strenuously object to any LDAP-specific authentication protocol being required. 

Well, LDAP already specifies LDAP-specific authentication methods.
Though SASL is nice and wonderful, it's not a cure all.  Neither
is traditional LDAP authentication.  Neither is PKI.

LDAP is flexible enough to support all these approaches and more.
It's our responsibility to provide this flexibility in a secure
manner.

I believe that we must specify a LDAP secure bind method
for use with LDAP DN authorization identities as LDAP DN
based authentication is an integral part of LDAP.

References:
- RE: LDAPDN and AuthMeth/DIGEST-MD5
  - From: "Paul Leach (Exchange)" <paulle@Exchange.Microsoft.com>

Prev by Date: Re: LDAPsubentry
Next by Date: Re: supportedControl and recognized controls
Index(es):
- Chronological
- Thread