[Date Prev][Date Next]
Re: SASL secrets in LDAP
Date: Mon, 06 May 2002 17:14:03 -0700
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
At 05:02 PM 2002-05-06, Howard Chu wrote:
>For many good reasons, we discourage the storage of plaintext passwords in
Yes, but if userPassword is plaintext (as it really should be, see
RFC 2256), then we can certainly use it for DIGEST-MD5.
Also, remember that the DIGEST-MD5 password hash is sufficient for
authentication (it is not a one-way hash like /etc/passwd).