[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Comments on draft-zeilenga-ldap-authpasswd-01.txt
> I may be a bit green in understanding DIGEST-MD5, but why would having an
> already-hashed password help an LDAP server implement DIGEST-MD5 SASL binds?
> Doesn't DIGEST-MD5 authentication require the server to generate a nonce
> each time a bind is performed? Thus, how is having a pre-hashed value
> useful?
You might want to take a look at draft-wahl-ldap-digest-example-00.txt, which
describes how one vendor implements DIGEST-MD5 with hashed passwords.
Mark Wahl, Directory Product Architect
Innosoft International, Inc.