[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: pass-through authentication and base64

To: sergio <mailbox@sergio.spb.ru>
Subject: Re: pass-through authentication and base64
From: Howard Chu <hyc@symas.com>
Date: Thu, 16 Aug 2012 00:07:58 -0700
Cc: openldap-technical@openldap.org
In-reply-to: <502C9278.6050005@sergio.spb.ru>
References: <5028E472.7030703@sergio.spb.ru> <20120814200355.GC27783@dan.olp.net> <502B172F.8020805@sergio.spb.ru> <502B4ADB.4080306@stroeder.com> <502B5A6A.3050500@sergio.spb.ru> <502BE592.2070403@maxim-ic.com> <502C9278.6050005@sergio.spb.ru>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/16.0 Firefox/16.0 SeaMonkey/2.13a1

sergio wrote:
>> I don't see any justification in the file for doing so, but the RFC
>> says any value MAY be encoded.  I think Michael's advice is very
>> prudent.
> 
> MAY be encoded, yes. This means that ldapsearch or slapcat can output
> all values base-64 encoded. But it's very inconvenient. When
> userPassword is a link to another authenticator base-64 encoding is also
> inconvenient.

*Ignorance* is inconvenient. What does any of this have to do with
pass-through authentication? When slapd handles an authentication it uses the
binary value. base64 has nothing to do with it.

-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Follow-Ups:
- Re: pass-through authentication and base64
  - From: sergio <mailbox@sergio.spb.ru>

References:
- pass-through authentication and base64
  - From: sergio <mailbox@sergio.spb.ru>
- Re: pass-through authentication and base64
  - From: Dan White <dwhite@olp.net>
- Re: pass-through authentication and base64
  - From: sergio <mailbox@sergio.spb.ru>
- Re: pass-through authentication and base64
  - From: Michael Ströder <michael@stroeder.com>
- Re: pass-through authentication and base64
  - From: sergio <mailbox@sergio.spb.ru>
- Re: pass-through authentication and base64
  - From: Wes Hardin <wes.hardin@maxim-ic.com>
- Re: pass-through authentication and base64
  - From: sergio <mailbox@sergio.spb.ru>

Prev by Date: Re: pass-through authentication and base64
Next by Date: Re: I have 2 questions
Index(es):
- Chronological
- Thread