[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Syntaxes draft on directory updates
If this is a requirement (and it appears to be so based on the use of the MUST), what constitutes "strong authentication"? Is that defined somewhere? The AuthMeth draft already has the following security consideration:
"Servers are encouraged to prevent modifications by anonymous users. "
Perhaps that is sufficient.
Roger
>>> Hallvard B Furuseth 11/25/2002 3:09:39 PM >>>
draft-ietf-ldapbis-syntaxes-03.txt says:
> 5.3 Securing the Directory
>
> In order to protect the directory and its contents, strong
> authentication MUST have been used to identify the Client when an
> update operation is requested.
That seems a strange place to put this information.
I think it belongs in the Protocol draft.
--
Hallvard