[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authentication Methods for LDAP - last call

To: "John C. Strassner" <johns@cisco.com>
Subject: Re: Authentication Methods for LDAP - last call
From: Chris Newman <Chris.Newman@INNOSOFT.COM>
Date: Tue, 04 Aug 1998 09:43:52 -0700 (PDT)
Cc: IETF LDAP Extensions WG <ietf-ldapext@netscape.com>
In-reply-to: <3.0.2.32.19980803214818.00ab5bf0@ntg.cisco.com>
Resent-date: Tue, 04 Aug 1998 09:43:52 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"lc4rQ.0.CS1.6fpnr"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

On Mon, 3 Aug 1998, John C. Strassner wrote:
> [js] I think that this needs further discussion. Kerberos, for one, seems
> to be a better choice.

Just a real-world note here.  I'm familiar with one IMAP
client/server vendor who implemented both Kerberos and CRAM-MD5.
According to his report, after two years, 1% of his customers had switched
to Kerberos.  After 6 months of CRAM-MD5 availability, 80% of his
customers had switched to CRAM-MD5.

Deployability is a serious consideration when selecting a
mandatory-to-implement mechanism.

		- Chris

References:
- Re: Authentication Methods for LDAP - last call
  - From: "John C. Strassner" <johns@cisco.com>

Prev by Date: cc:Mail Link to SMTP Undeliverable Message
Next by Date: RE: Authentication Methods for LDAP - last call (mandatory CRAM-M D5)
Index(es):
- Chronological
- Thread