[Date Prev][Date Next] [Chronological] [Thread] [Top]

authentication mechanisms question

To: "'Ellen Stokes'" <stokes@austin.ibm.com>, ietf-ldapext@netscape.com
Subject: authentication mechanisms question
From: "Miklos, Sue A." <samiklo@missi.ncsc.mil>
Date: Fri, 21 Jul 2000 13:27:34 -0400

Please excuse this question if it's already been discussed/resolved - 

In reviewing tha authnLevel options and associated mechanisms, I see
references to sasl (LDAP3).  In tracing back to RFC 2222, EXTERNAL options
are permitted. 

I would like to confirm that the authors agree that there's nothing in this
draft that would preclude the use of an X.509v3 signature certificate as an
'external' authentication mechanism for conveying the DN.

the difficulties associated with managing large numbers of passwords, vice
allowing role name conventions within a certificate has led us to choose the
certificate-based authentication.

regards,
Sandi

Prev by Date: Re: filters in ldapACI (WAS Re: I-D ACTION:draft-ietf-ldapext-acl-model-06.txt)
Next by Date: Re: Discovering LDAP Services with DNS - draft-ietf-ldapext-locate-03.txt
Index(es):
- Chronological
- Thread