Authentication Methods for LDAP - last call
I have reviewed this document. There is some useful
general information here.
I think that this document mixes three things:
1) General tutorial (very useful to have in this complex
area, which was what Harald's original document did).
2) Specifications of what to do (e.g., the Authorization
identity specification). These documents belong
in a protocol specification.
3) Setting profile requirements and recommendations for
LDAP implementation of security features.
I think a lot of work needs to be done before this is ready
to go to the IESG. The main thing is structural, to break
into several documents, with a functional split something
like I set out above. I think that this split will improve
the clarity of thinking, as in some areas the
policy/implementation gets blurred in the current document.
I think that the tutorial document (the list in section 3
here) needs to tie in use of IPsec, as it is clear that
many configurations will use this for data confidentiality
and security.
I am totally opposed to mandatory support of CRAM-MD5 in
LDAP. CRAM-MD5 requires a shared secret between client
and server. In a large scale distributed system, where a
given client might bind to many servers, this is totally
unmanageable. I think that the policy documents should
NOT be requiring this. I cannot overstate how BAD I think
this choice is.
Does anyone else agree with this? If so, please respond
to the list.
Steve