[Date Prev][Date Next] [Chronological] [Thread] [Top]

[ldapext] Password Policy operational attributes

To: Jim Sermersheim <jimse@novell.com>
Subject: [ldapext] Password Policy operational attributes
From: Howard Chu <hyc@highlandsun.com>
Date: Mon, 22 Nov 2004 02:07:42 -0800
Cc: ldapext@ietf.org
In-reply-to: <s17e206c.043@sinclair.provo.novell.com>
References: <s17e206c.043@sinclair.provo.novell.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a5) Gecko/20041101

I vaguely recall someone mentioning that the policy schema would be updated again for draft 9, but I can't seem to find it in my mailbox now. (So was I just imagining it?) Anyway, it seems that the state information needs to be defined with NO-USER-MODIFICATION in order to serve its purpose, otherwise any user with write access to their own entry can circumvent most of the policies.

--
  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

Follow-Ups:
- Re: [ldapext] Password Policy operational attributes
  - From: Ludovic Poitou <Ludovic.Poitou@Sun.COM>

Prev by Date: Re: [ldapext] Kerberos Integrity behavior
Next by Date: Re: [ldapext] Password Policy operational attributes
Index(es):
- Chronological
- Thread