[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP and DIGEST-MD5 SASL - rfc2829

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: LDAP and DIGEST-MD5 SASL - rfc2829
From: sanjay jain <sanjay.jain@software.com>
Date: Tue, 05 Sep 2000 17:00:08 -0700
Cc: david.a.cahlander@syntegra.com, ietf-ldapext@netscape.com
Organization: Software.Com
References: <4.3.2.7.0.20000831164708.00b67e00@router.boolean.net>

"Kurt D. Zeilenga" wrote:

> >I'm sure that I'm missing something very basic.
>
> The intent of DIGEST-MD5 is to offer relatively strong
> authentication services between the client and the server
> at low cost.

Can somebody eavesdrop and extract response value (section
2.1.2.1) from the digest response and use the same response
value to authenticate later ?

Follow-Ups:
- Re: LDAP and DIGEST-MD5 SASL - rfc2829
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Re: LDAP and DIGEST-MD5 SASL - rfc2829
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: I CAN make you a millionaire in 12 months or less!
Next by Date: Re: LDAP and DIGEST-MD5 SASL - rfc2829
Index(es):
- Chronological
- Thread