[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: kpasswd

To: Tony Earnshaw <tonni@billy.demon.nl>
Subject: Re: kpasswd
From: Allan Streib <astreib@indiana.edu>
Date: Thu, 16 Oct 2003 16:38:30 -0500
Cc: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>, openldap-software@OpenLDAP.org
In-reply-to: <3F8F03DF.4020709@billy.demon.nl>

On Thursday, October 16, 2003, at 03:47 PM, Tony Earnshaw wrote:

Kurt D. Zeilenga wrote:
Like {KERBEROS}, {SASL} does not require clients to have support
for SASL nor Kerberos.
The client MUA I'm using to send this mail has to smtp authenticate to the MTA. The MTA allows only digest-md5 or cram-md5 authentication. Although this is is nothing to do with Kerberos, how can you say that the client is not required to have support for SASL?

I believe the difference is you are talking about a SASL bind, and what we're discussing is a way to do a *simple* bind that is using a SASL mechanism on the back-end to do the authentication rather than having a password or password hash directly stored in the userPassword attribute.

Allan

Follow-Ups:
- Re: kpasswd
  - From: Tony Earnshaw <tonni@billy.demon.nl>

References:
- Re: kpasswd
  - From: Tony Earnshaw <tonni@billy.demon.nl>

Prev by Date: Re: kpasswd
Next by Date: RE: make test008-concurrency on dual PIII 800 hangs
Index(es):
- Chronological
- Thread