[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: authPassword (RFC 3112) implemented?

To: Michael Ströder <michael@stroeder.com>
Subject: Re: authPassword (RFC 3112) implemented?
From: Kurt Zeilenga <kurt@OpenLDAP.org>
Date: Sun, 15 Jul 2007 15:41:28 -0700
Cc: openldap-devel@OpenLDAP.org
In-reply-to: <469A9654.7070506@stroeder.com>
References: <55715.212.159.59.85.1184453991.squirrel@webmail.suretecsystems.com> <1072.151.24.82.206.1184495187.squirrel@151.24.82.206> <hbf.20070715x4o9@bombur.uio.no> <469A9654.7070506@stroeder.com>


On Jul 15, 2007, at 2:49 PM, Michael Ströder wrote:

Hallvard B Furuseth wrote:
If it's no longer needed - what has changed? I thought it was invented because the existing scheme of '{hash method}' in userPassword broke the LDAP standard. Which it still does.
Simply no-one cares.


For multiple reasons, yes.

BTW: IIRC RFC 3112 also lacks a definition of charset encoding for textual strings. This was kinda solved for userPassword by an implementation hint in RFC 4519 requiring SASLprep/UTF-8 but not for the authPasswordSyntax.


In due time the other specifications will be appropriately updated.

The client is to use SASLprep/UTF-8 when using simple bind.  When a
client updates the password, whether by LDAP Password Modify or by
LDAP Modify (of userPassword (hashed or not) or authPassword), they
should also apply SASLprep/UTF-8.


http://www.openldap.org/lists/ietf-ldapbis/200110/msg00008.html

Ciao, Michael.

References:
- authPassword (RFC 3112) implemented?
  - From: "Gavin Henry" <ghenry@suretecsystems.com>
- Re: authPassword (RFC 3112) implemented?
  - From: "Pierangelo Masarati" <ando@sys-net.it>
- Re: authPassword (RFC 3112) implemented?
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Re: authPassword (RFC 3112) implemented?
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: authPassword (RFC 3112) implemented?
Next by Date: Re: Issue [4623] : backport patch
Index(es):
- Chronological
- Thread