Re: Schema: encrypted 8-bit userPassword and SASLprep

[Hallvard B Furuseth <h.b.furuseth@usit.uio.no>]

Kurt D. Zeilenga writes:
>At 08:44 AM 9/12/2003, Hallvard B Furuseth wrote:
>>Since [Schema] says userPassword must be stored unencrypted, I'll switch
>>to talk about this text in [Protocol] 4.2 (Bind Operation), and passwords
>>stored encrypted in the server in some other way than userPassword:
> 
> I think we do need to switch this to a [Protocol]/[AuthMeth] discussion.

Hm.  It got very quiet here.  Should I mention that all of that message
was written in the spirit of addressing the [Protocol] paragraph about
saslprep, rather than userPassword?

I started this thread by confusing userPassword with auth passwords, and
I think I succeeded in confusing John about it too - or if not, his
message could at least be read as if I had:-) So I just went ahead and
changed the topic of the reply.

> I think the WG has accepted (long ago) that simple bind may be used
> with password attributes other than userPassword (e.g., authPassword)
> and/or with external password stores.

Yes, that was what I was assuming this time.

-- 
Hallvard