[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: Authentication Methods for LDAP - last call (mandatory CRAM-M D5)
We can deploy Digest in the same time frame as CRAM-MD5. It's deployment
that counts -- perfect undeployed protocols do not increase security. And
mandatory-to-inmplement weak deployed protocols decrease security if there
are better alternatives available in the same time frame.
Since what seems to be the problem here is politics, why not make TLS the
mandatory-to-implement?
Paul