[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP and DIGEST-MD5 SASL - rfc2829

To: sanjay jain <sanjay.jain@software.com>
Subject: Re: LDAP and DIGEST-MD5 SASL - rfc2829
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Tue, 05 Sep 2000 17:40:09 -0700
Cc: david.a.cahlander@syntegra.com, ietf-ldapext@netscape.com
In-reply-to: <39B58908.85965740@software.com>
References: <4.3.2.7.0.20000831164708.00b67e00@router.boolean.net>

At 05:00 PM 9/5/00 -0700, sanjay jain wrote:
>"Kurt D. Zeilenga" wrote:
>> >I'm sure that I'm missing something very basic.
>>
>> The intent of DIGEST-MD5 is to offer relatively strong
>> authentication services between the client and the server
>> at low cost.
>
>Can somebody eavesdrop and extract response value (section
>2.1.2.1) from the digest response and use the same response
>value to authenticate later ?

No.  See section 3.3.

Kurt

References:
- Re: LDAP and DIGEST-MD5 SASL - rfc2829
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: LDAP and DIGEST-MD5 SASL - rfc2829
  - From: sanjay jain <sanjay.jain@software.com>

Prev by Date: Re: LDAP and DIGEST-MD5 SASL - rfc2829
Next by Date: Re: draft-ietf-ldapext-locate-04.txt
Index(es):
- Chronological
- Thread