[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: I-D ACTION:draft-zeilenga-ldap-authpasswd-00.txt
At 02:50 PM 12/22/99 -0800, Paul Leach (Exchange) wrote:
> I have a clarification question.
> In section 3, "Background and Intended Use", it says:
>
> authPassword is intended to be used to store hashed password values
> for authentication purposes. The attribute may be used by servers to
> implement LDAP simple bind and SASL [RFC 2222] user/password
> mechanisms such as DIGEST-MD5 [DIGEST-MD5].
>
> Which "servers" are you referring to? In particular, is it intended
> to be used by the LDAP server storing it for authentication purposes,
> or by other servers?
To clarify:
The attribute may be used by LDAP servers to implement
simple bind and SASL user/password mechanisms such as
DIGEST-MD5.
That is, an LDAP server may use authPassword for in-directory
storage of authentication information. AuthPassword may be
used for other applications, but that is not its intended use.
Note also that I am using the term "implement" in the general
sense. I presume that LDAP implementors will leverage available
SASL services.
----
Kurt D. Zeilenga <kurt@boolean.net>
Net Boolean Incorporated <http://www.boolean.net/>