[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: [ldapext] Re: Password policy state attributes
Ed Reed wrote:
At the risk of sounding like a crackpot...
You may need to consider something like the X.509 certificate object
class discussed in PKIX - an entry with all the policy associated with
the particular credential - in this case a password associated with an
authentication identity.
Yes this came to my mind as well. Such a solution would also facilitate
for other password policy attributes, such as duration, minimal length
etc. etc. Implementationwise it seems to me that having all these
attributes in one entry is far more easier than having to parse all the
tags of the password attributes.
[...]>
>>> "Jim Sermersheim" <jimse@novell.com> 11/22/02 12:16PM >>>
A group of people interested in progressing the password policy draft
has been growing and exchanging emails off list. We're moving discussion
here so we have a list and a wider audience.
I very much appreciate this discussion. I think password policy is
something more and more needed, since LDAP is more and more used as
central authentication service.
And I appreciate that this discussion is now taking place on this list.
[...]
Jim
p.s. I can provide a set of recent previous discussions on this and
other issues to anyone that wants them.
yes please. May be you could put them in a webarchive or so.
cheers,
Peter
--
_______________________________________________________________________
Peter Gietz (CEO)
DAASI International GmbH phone: +49 7071 2970336
Wilhelmstr. 106 Fax: +49 7071 295114
D-72074 Tübingen email: peter.gietz@daasi.de
Germany Web: www.daasi.de
Directory Applications for Advanced Security and Information Management
_______________________________________________________________________
_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext