RE: Comments on draft-zeilenga-ldap-authpasswd-01.txt
At 04:28 PM 2/15/00 -0800, Bob Joslin wrote:
>I noticed you omitted the reply on the suggestion for changing the name of
>the attribute to hashPassword? I assume you disagree with the suggestion?
I overlooked this suggestion. See my comments below.
>4.1. authPasswordSyntax
>
> ( authPasswordSyntaxOID
> DESC 'authentication password syntax' )
>
> Values of this syntax are encoded according to the following BNF:
>
> authPasswordValue = scheme "$" [ info ] "$" hashedValue
> scheme = <an IA5 string of letters, numbers, and "-", "_", and "/">
> info = <a base64 encoded value>
> hashedValue = <a base64 encoded value>
>
> where scheme describes the hash mechanism, info is a scheme specific,
> and hashedValue is the hashed value. The info field is often a salt.
>
>If the authPasswordSyntax requires a hashedValue, why not change the name
>of the attribute to "hashPassword" instead of "authPassword?"
I intended to reword the section to not use the term "hash" but
to say the value stored is scheme specific. The intent is for
this attribute to be capable of supporting a wide variety of
storage schemes used to support authentication via user passwords.
>I would think "hashPassword" would be a more descriptive name.
The primary usage of the attribute type is to support password
authentication mechanisms, hence the name "authPassword."
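
An added example, not part of the original message or the draft: a strict parser for the authPasswordValue BNF quoted above, with a verifier that dispatches on the scheme field. The scheme name X-EXAMPLE-SHA256, its password-then-info hashing, the exact-match scheme lookup and the non-empty third field are assumptions made for illustration.

```python
import base64
import binascii
import hashlib
import hmac
import re
from typing import NamedTuple

SCHEME_RE = re.compile(r"[A-Za-z0-9_/-]+")  # letters, numbers, "-", "_", "/"

class AuthPassword(NamedTuple):
    scheme: str
    info: bytes   # empty when the optional info field is absent
    value: bytes  # decoded third field; its meaning is scheme specific

def _b64(field: str, name: str) -> bytes:
    try:
        return base64.b64decode(field, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise ValueError(f"{name} is not valid base64") from exc

def parse_auth_password(text: str) -> AuthPassword:
    """Parse scheme "$" [ info ] "$" hashedValue as given in the quoted BNF."""
    parts = text.split("$")
    if len(parts) != 3:  # "$" is in neither the scheme set nor base64
        raise ValueError("expected exactly two '$' separators")
    scheme, info, value = parts
    if not SCHEME_RE.fullmatch(scheme):
        raise ValueError("scheme contains characters outside the allowed set")
    if not value:  # assumption: the third field must be non-empty
        raise ValueError("empty value field")
    return AuthPassword(scheme, _b64(info, "info"), _b64(value, "hashedValue"))

# Hypothetical scheme, illustration only (not a recommended password hash).
def _x_example_sha256(password: bytes, info: bytes) -> bytes:
    return hashlib.sha256(password + info).digest()

VERIFIERS = {"X-EXAMPLE-SHA256": _x_example_sha256}

def verify(stored: str, password: bytes) -> bool:
    """Dispatch on the scheme field; unknown schemes fail closed."""
    ap = parse_auth_password(stored)
    derive = VERIFIERS.get(ap.scheme)
    if derive is None:
        return False
    return hmac.compare_digest(derive(password, ap.info), ap.value)

def make_sample(password: bytes, salt: bytes) -> str:  # constructed sample value
    digest = base64.b64encode(_x_example_sha256(password, salt)).decode()
    return f"X-EXAMPLE-SHA256${base64.b64encode(salt).decode()}${digest}"
```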