[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: authPassword (RFC 3112) implemented?




On Jul 15, 2007, at 2:49 PM, Michael Ströder wrote:

Hallvard B Furuseth wrote:

If it's no longer needed - what has changed? I thought it was invented
because the existing scheme of '{hash method}' in userPassword broke the
LDAP standard. Which it still does.

Simply no-one cares.

For multiple reasons, yes.

BTW: IIRC RFC 3112 also lacks a definition of charset encoding for
textual strings. This was kinda solved for userPassword by an
implementation hint in RFC 4519 requiring SASLprep/UTF-8 but not for the
authPasswordSyntax.

In due time the other specifications will be appropriately updated.

The client is to use SASLprep/UTF-8 when using simple bind.  When a
client updates the password, whether by LDAP Password Modify or by
LDAP Modify (of userPassword (hashed or not) or authPassword), they
should also apply SASLprep/UTF-8.


http://www.openldap.org/lists/ietf-ldapbis/200110/msg00008.html

Ciao, Michael.