[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authmeth: bind without disclosing password

To: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Subject: Re: Authmeth: bind without disclosing password
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Tue, 09 Sep 2003 11:25:20 -0700
Cc: ietf-ldapbis@OpenLDAP.org
In-reply-to: <HBF.20030908iqz6@bombur.uio.no>

At 02:17 PM 9/8/2003, Hallvard B Furuseth wrote:
>Does [authmeth] standardize an authentication method which does not
>disclose the user's password to the server?

[authmeth] mandates that all LDAP implementations which support
an authentication mechanism to implement SASL/DIGEST-MD5.
SASL/DIGEST-MD5 does not expose the user's password to the
server.

Kurt

References:
- Authmeth: bind without disclosing password
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Authmeth: bind without disclosing password
Next by Date: Re: comments to draft-ietf-ldapbis-authmeth-04.txt
Index(es):
- Chronological
- Thread