[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Authentication Methods for LDAP - last call
Chris Newman wrote:
>
> There is no standards track specification for HTTP digest in SASL at this
> time, therefore it is out of order to propose it as a replacement. The
> proposal would have to be "put LDAP and LDAPEXT on hold until we reach
> concensus on a replacement for CRAM-MD5 and that replacement becomes
> standards track." I'm neutral on this proposal.
I'm not. That would delay us (and every other thing
the LDAPEXT group is working on) for about a year,
would be my guess. It may be that when we have a
good replacement for cram-md5 we should incorporate
that into the ldap spec. But until such a thing
exists, we should use the best that's available to
us. That sounds like cram-md5. -- Tim