[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SASL secrets in LDAP
Date: Mon, 06 May 2002 17:14:03 -0700
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Cc: <openldap-devel@OpenLDAP.org>
At 05:02 PM 2002-05-06, Howard Chu wrote:
>For many good reasons, we discourage the storage of plaintext passwords in
>LDAP.
Yes, but if userPassword is plaintext (as it really should be, see
RFC 2256), then we can certainly use it for DIGEST-MD5.
Also, remember that the DIGEST-MD5 password hash is sufficient for
authentication (it is not a one-way hash like /etc/passwd).
Larry