[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: LDAPDN and AuthMeth/DIGEST-MD5
At 08:20 PM 11/18/99 -0800, Paul Leach (Exchange) wrote:
> I strenuously object to any LDAP-specific authentication protocol being required.
Well, LDAP already specifies LDAP-specific authentication methods.
Though SASL is nice and wonderful, it's not a cure all. Neither
is traditional LDAP authentication. Neither is PKI.
LDAP is flexible enough to support all these approaches and more.
It's our responsibility to provide this flexibility in a secure
manner.
I believe that we must specify a LDAP secure bind method
for use with LDAP DN authorization identities as LDAP DN
based authentication is an integral part of LDAP.